Escolha a permissão ou permissões marcadas como menos privilegiadas para esta API. Utilize uma permissão ou permissões com privilégios mais elevados apenas se a sua aplicação o exigir. Para obter detalhes sobre as permissões delegadas e de aplicação, veja Tipos de permissão. Para saber mais sobre estas permissões, veja a referência de permissões.
O exemplo a seguir mostra uma solicitação.
PATCH https://graph.microsoft.com/beta/policies/defaultAppManagementPolicy
Content-Type: application/json
{
"isEnabled": true,
"applicationRestrictions": {
"passwordCredentials": [
{
"restrictionType": "passwordAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
},
{
"restrictionType": "passwordLifetime",
"maxLifetime": "P90D",
"restrictForAppsCreatedAfterDateTime": "2017-01-01T10:37:00Z"
},
{
"restrictionType": "symmetricKeyAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"
},
{
"restrictionType": "customPasswordAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
},
{
"restrictionType": "symmetricKeyLifetime",
"maxLifetime": "P30D",
"restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
}
],
"keyCredentials": [
{
"restrictionType": "asymmetricKeyLifetime",
"maxLifetime": "P30D",
"restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"
},
{
"restrictionType": "trustedCertificateAuthority",
"restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z",
"certificateBasedApplicationConfigurationIds": [
"eec5ba11-2fc0-4113-83a2-ed986ed13743",
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1"
],
"maxLifetime": null
}
],
"identifierUris": {
"nonDefaultUriAddition": {
"restrictForAppsCreatedAfterDateTime": "2024-01-01T10:37:00Z",
"excludeAppsReceivingV2Tokens": true,
"excludeSaml": true
}
}
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new TenantAppManagementPolicy
{
IsEnabled = true,
ApplicationRestrictions = new AppManagementApplicationConfiguration
{
PasswordCredentials = new List<PasswordCredentialConfiguration>
{
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.PasswordAddition,
MaxLifetime = null,
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2021-01-01T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.PasswordLifetime,
MaxLifetime = TimeSpan.Parse("P90D"),
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2017-01-01T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.SymmetricKeyAddition,
MaxLifetime = null,
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2021-01-01T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.CustomPasswordAddition,
MaxLifetime = null,
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2015-01-01T10:37:00Z"),
},
new PasswordCredentialConfiguration
{
RestrictionType = AppCredentialRestrictionType.SymmetricKeyLifetime,
MaxLifetime = TimeSpan.Parse("P30D"),
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2015-01-01T10:37:00Z"),
},
},
KeyCredentials = new List<KeyCredentialConfiguration>
{
new KeyCredentialConfiguration
{
RestrictionType = AppKeyCredentialRestrictionType.AsymmetricKeyLifetime,
MaxLifetime = TimeSpan.Parse("P30D"),
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2015-01-01T10:37:00Z"),
},
new KeyCredentialConfiguration
{
RestrictionType = AppKeyCredentialRestrictionType.TrustedCertificateAuthority,
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2019-10-19T10:37:00Z"),
CertificateBasedApplicationConfigurationIds = new List<string>
{
"eec5ba11-2fc0-4113-83a2-ed986ed13743",
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1",
},
MaxLifetime = null,
},
},
IdentifierUris = new IdentifierUriConfiguration
{
NonDefaultUriAddition = new IdentifierUriRestriction
{
RestrictForAppsCreatedAfterDateTime = DateTimeOffset.Parse("2024-01-01T10:37:00Z"),
ExcludeAppsReceivingV2Tokens = true,
ExcludeSaml = true,
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.DefaultAppManagementPolicy.PatchAsync(requestBody);
mgc-beta policies default-app-management-policy patch --body '{\
"isEnabled": true,\
"applicationRestrictions": {\
"passwordCredentials": [\
{\
"restrictionType": "passwordAddition",\
"maxLifetime": null,\
"restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"\
},\
{\
"restrictionType": "passwordLifetime",\
"maxLifetime": "P90D",\
"restrictForAppsCreatedAfterDateTime": "2017-01-01T10:37:00Z"\
},\
{\
"restrictionType": "symmetricKeyAddition",\
"maxLifetime": null,\
"restrictForAppsCreatedAfterDateTime": "2021-01-01T10:37:00Z"\
},\
{\
"restrictionType": "customPasswordAddition",\
"maxLifetime": null,\
"restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"\
},\
{\
"restrictionType": "symmetricKeyLifetime",\
"maxLifetime": "P30D",\
"restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"\
}\
],\
"keyCredentials": [\
{\
"restrictionType": "asymmetricKeyLifetime",\
"maxLifetime": "P30D",\
"restrictForAppsCreatedAfterDateTime": "2015-01-01T10:37:00Z"\
},\
{\
"restrictionType": "trustedCertificateAuthority",\
"restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z",\
"certificateBasedApplicationConfigurationIds": [\
"eec5ba11-2fc0-4113-83a2-ed986ed13743",\
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1"\
],\
"maxLifetime": null\
}\
],\
"identifierUris": {\
"nonDefaultUriAddition": {\
"restrictForAppsCreatedAfterDateTime": "2024-01-01T10:37:00Z",\
"excludeAppsReceivingV2Tokens": true,\
"excludeSaml": true\
}\
}\
}\
}\
'
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewTenantAppManagementPolicy()
isEnabled := true
requestBody.SetIsEnabled(&isEnabled)
applicationRestrictions := graphmodels.NewAppManagementApplicationConfiguration()
passwordCredentialConfiguration := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.PASSWORDADDITION_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration.SetRestrictionType(&restrictionType)
maxLifetime := null
passwordCredentialConfiguration.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2021-01-01T10:37:00Z")
passwordCredentialConfiguration.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration1 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.PASSWORDLIFETIME_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration1.SetRestrictionType(&restrictionType)
maxLifetime , err := abstractions.ParseISODuration("P90D")
passwordCredentialConfiguration1.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2017-01-01T10:37:00Z")
passwordCredentialConfiguration1.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration2 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.SYMMETRICKEYADDITION_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration2.SetRestrictionType(&restrictionType)
maxLifetime := null
passwordCredentialConfiguration2.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2021-01-01T10:37:00Z")
passwordCredentialConfiguration2.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration3 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.CUSTOMPASSWORDADDITION_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration3.SetRestrictionType(&restrictionType)
maxLifetime := null
passwordCredentialConfiguration3.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2015-01-01T10:37:00Z")
passwordCredentialConfiguration3.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentialConfiguration4 := graphmodels.NewPasswordCredentialConfiguration()
restrictionType := graphmodels.SYMMETRICKEYLIFETIME_APPCREDENTIALRESTRICTIONTYPE
passwordCredentialConfiguration4.SetRestrictionType(&restrictionType)
maxLifetime , err := abstractions.ParseISODuration("P30D")
passwordCredentialConfiguration4.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2015-01-01T10:37:00Z")
passwordCredentialConfiguration4.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
passwordCredentials := []graphmodels.PasswordCredentialConfigurationable {
passwordCredentialConfiguration,
passwordCredentialConfiguration1,
passwordCredentialConfiguration2,
passwordCredentialConfiguration3,
passwordCredentialConfiguration4,
}
applicationRestrictions.SetPasswordCredentials(passwordCredentials)
keyCredentialConfiguration := graphmodels.NewKeyCredentialConfiguration()
restrictionType := graphmodels.ASYMMETRICKEYLIFETIME_APPKEYCREDENTIALRESTRICTIONTYPE
keyCredentialConfiguration.SetRestrictionType(&restrictionType)
maxLifetime , err := abstractions.ParseISODuration("P30D")
keyCredentialConfiguration.SetMaxLifetime(&maxLifetime)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2015-01-01T10:37:00Z")
keyCredentialConfiguration.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
keyCredentialConfiguration1 := graphmodels.NewKeyCredentialConfiguration()
restrictionType := graphmodels.TRUSTEDCERTIFICATEAUTHORITY_APPKEYCREDENTIALRESTRICTIONTYPE
keyCredentialConfiguration1.SetRestrictionType(&restrictionType)
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2019-10-19T10:37:00Z")
keyCredentialConfiguration1.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
certificateBasedApplicationConfigurationIds := []string {
"eec5ba11-2fc0-4113-83a2-ed986ed13743",
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1",
}
keyCredentialConfiguration1.SetCertificateBasedApplicationConfigurationIds(certificateBasedApplicationConfigurationIds)
maxLifetime := null
keyCredentialConfiguration1.SetMaxLifetime(&maxLifetime)
keyCredentials := []graphmodels.KeyCredentialConfigurationable {
keyCredentialConfiguration,
keyCredentialConfiguration1,
}
applicationRestrictions.SetKeyCredentials(keyCredentials)
identifierUris := graphmodels.NewIdentifierUriConfiguration()
nonDefaultUriAddition := graphmodels.NewIdentifierUriRestriction()
restrictForAppsCreatedAfterDateTime , err := time.Parse(time.RFC3339, "2024-01-01T10:37:00Z")
nonDefaultUriAddition.SetRestrictForAppsCreatedAfterDateTime(&restrictForAppsCreatedAfterDateTime)
excludeAppsReceivingV2Tokens := true
nonDefaultUriAddition.SetExcludeAppsReceivingV2Tokens(&excludeAppsReceivingV2Tokens)
excludeSaml := true
nonDefaultUriAddition.SetExcludeSaml(&excludeSaml)
identifierUris.SetNonDefaultUriAddition(nonDefaultUriAddition)
applicationRestrictions.SetIdentifierUris(identifierUris)
requestBody.SetApplicationRestrictions(applicationRestrictions)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
defaultAppManagementPolicy, err := graphClient.Policies().DefaultAppManagementPolicy().Patch(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
TenantAppManagementPolicy tenantAppManagementPolicy = new TenantAppManagementPolicy();
tenantAppManagementPolicy.setIsEnabled(true);
AppManagementApplicationConfiguration applicationRestrictions = new AppManagementApplicationConfiguration();
LinkedList<PasswordCredentialConfiguration> passwordCredentials = new LinkedList<PasswordCredentialConfiguration>();
PasswordCredentialConfiguration passwordCredentialConfiguration = new PasswordCredentialConfiguration();
passwordCredentialConfiguration.setRestrictionType(AppCredentialRestrictionType.PasswordAddition);
passwordCredentialConfiguration.setMaxLifetime(null);
OffsetDateTime restrictForAppsCreatedAfterDateTime = OffsetDateTime.parse("2021-01-01T10:37:00Z");
passwordCredentialConfiguration.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime);
passwordCredentials.add(passwordCredentialConfiguration);
PasswordCredentialConfiguration passwordCredentialConfiguration1 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration1.setRestrictionType(AppCredentialRestrictionType.PasswordLifetime);
PeriodAndDuration maxLifetime1 = PeriodAndDuration.ofDuration(Duration.parse("P90D"));
passwordCredentialConfiguration1.setMaxLifetime(maxLifetime1);
OffsetDateTime restrictForAppsCreatedAfterDateTime1 = OffsetDateTime.parse("2017-01-01T10:37:00Z");
passwordCredentialConfiguration1.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime1);
passwordCredentials.add(passwordCredentialConfiguration1);
PasswordCredentialConfiguration passwordCredentialConfiguration2 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration2.setRestrictionType(AppCredentialRestrictionType.SymmetricKeyAddition);
passwordCredentialConfiguration2.setMaxLifetime(null);
OffsetDateTime restrictForAppsCreatedAfterDateTime2 = OffsetDateTime.parse("2021-01-01T10:37:00Z");
passwordCredentialConfiguration2.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime2);
passwordCredentials.add(passwordCredentialConfiguration2);
PasswordCredentialConfiguration passwordCredentialConfiguration3 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration3.setRestrictionType(AppCredentialRestrictionType.CustomPasswordAddition);
passwordCredentialConfiguration3.setMaxLifetime(null);
OffsetDateTime restrictForAppsCreatedAfterDateTime3 = OffsetDateTime.parse("2015-01-01T10:37:00Z");
passwordCredentialConfiguration3.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime3);
passwordCredentials.add(passwordCredentialConfiguration3);
PasswordCredentialConfiguration passwordCredentialConfiguration4 = new PasswordCredentialConfiguration();
passwordCredentialConfiguration4.setRestrictionType(AppCredentialRestrictionType.SymmetricKeyLifetime);
PeriodAndDuration maxLifetime4 = PeriodAndDuration.ofDuration(Duration.parse("P30D"));
passwordCredentialConfiguration4.setMaxLifetime(maxLifetime4);
OffsetDateTime restrictForAppsCreatedAfterDateTime4 = OffsetDateTime.parse("2015-01-01T10:37:00Z");
passwordCredentialConfiguration4.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime4);
passwordCredentials.add(passwordCredentialConfiguration4);
applicationRestrictions.setPasswordCredentials(passwordCredentials);
LinkedList<KeyCredentialConfiguration> keyCredentials = new LinkedList<KeyCredentialConfiguration>();
KeyCredentialConfiguration keyCredentialConfiguration = new KeyCredentialConfiguration();
keyCredentialConfiguration.setRestrictionType(AppKeyCredentialRestrictionType.AsymmetricKeyLifetime);
PeriodAndDuration maxLifetime5 = PeriodAndDuration.ofDuration(Duration.parse("P30D"));
keyCredentialConfiguration.setMaxLifetime(maxLifetime5);
OffsetDateTime restrictForAppsCreatedAfterDateTime5 = OffsetDateTime.parse("2015-01-01T10:37:00Z");
keyCredentialConfiguration.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime5);
keyCredentials.add(keyCredentialConfiguration);
KeyCredentialConfiguration keyCredentialConfiguration1 = new KeyCredentialConfiguration();
keyCredentialConfiguration1.setRestrictionType(AppKeyCredentialRestrictionType.TrustedCertificateAuthority);
OffsetDateTime restrictForAppsCreatedAfterDateTime6 = OffsetDateTime.parse("2019-10-19T10:37:00Z");
keyCredentialConfiguration1.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime6);
LinkedList<String> certificateBasedApplicationConfigurationIds = new LinkedList<String>();
certificateBasedApplicationConfigurationIds.add("eec5ba11-2fc0-4113-83a2-ed986ed13743");
certificateBasedApplicationConfigurationIds.add("bb8e164b-f9ed-4b98-bc45-65eddc14f4c1");
keyCredentialConfiguration1.setCertificateBasedApplicationConfigurationIds(certificateBasedApplicationConfigurationIds);
keyCredentialConfiguration1.setMaxLifetime(null);
keyCredentials.add(keyCredentialConfiguration1);
applicationRestrictions.setKeyCredentials(keyCredentials);
IdentifierUriConfiguration identifierUris = new IdentifierUriConfiguration();
IdentifierUriRestriction nonDefaultUriAddition = new IdentifierUriRestriction();
OffsetDateTime restrictForAppsCreatedAfterDateTime7 = OffsetDateTime.parse("2024-01-01T10:37:00Z");
nonDefaultUriAddition.setRestrictForAppsCreatedAfterDateTime(restrictForAppsCreatedAfterDateTime7);
nonDefaultUriAddition.setExcludeAppsReceivingV2Tokens(true);
nonDefaultUriAddition.setExcludeSaml(true);
identifierUris.setNonDefaultUriAddition(nonDefaultUriAddition);
applicationRestrictions.setIdentifierUris(identifierUris);
tenantAppManagementPolicy.setApplicationRestrictions(applicationRestrictions);
TenantAppManagementPolicy result = graphClient.policies().defaultAppManagementPolicy().patch(tenantAppManagementPolicy);
const options = {
authProvider,
};
const client = Client.init(options);
const tenantAppManagementPolicy = {
isEnabled: true,
applicationRestrictions: {
passwordCredentials: [
{
restrictionType: 'passwordAddition',
maxLifetime: null,
restrictForAppsCreatedAfterDateTime: '2021-01-01T10:37:00Z'
},
{
restrictionType: 'passwordLifetime',
maxLifetime: 'P90D',
restrictForAppsCreatedAfterDateTime: '2017-01-01T10:37:00Z'
},
{
restrictionType: 'symmetricKeyAddition',
maxLifetime: null,
restrictForAppsCreatedAfterDateTime: '2021-01-01T10:37:00Z'
},
{
restrictionType: 'customPasswordAddition',
maxLifetime: null,
restrictForAppsCreatedAfterDateTime: '2015-01-01T10:37:00Z'
},
{
restrictionType: 'symmetricKeyLifetime',
maxLifetime: 'P30D',
restrictForAppsCreatedAfterDateTime: '2015-01-01T10:37:00Z'
}
],
keyCredentials: [
{
restrictionType: 'asymmetricKeyLifetime',
maxLifetime: 'P30D',
restrictForAppsCreatedAfterDateTime: '2015-01-01T10:37:00Z'
},
{
restrictionType: 'trustedCertificateAuthority',
restrictForAppsCreatedAfterDateTime: '2019-10-19T10:37:00Z',
certificateBasedApplicationConfigurationIds: [
'eec5ba11-2fc0-4113-83a2-ed986ed13743',
'bb8e164b-f9ed-4b98-bc45-65eddc14f4c1'
],
maxLifetime: null
}
],
identifierUris: {
nonDefaultUriAddition: {
restrictForAppsCreatedAfterDateTime: '2024-01-01T10:37:00Z',
excludeAppsReceivingV2Tokens: true,
excludeSaml: true
}
}
}
};
await client.api('/policies/defaultAppManagementPolicy')
.version('beta')
.update(tenantAppManagementPolicy);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\TenantAppManagementPolicy;
use Microsoft\Graph\Beta\Generated\Models\AppManagementApplicationConfiguration;
use Microsoft\Graph\Beta\Generated\Models\PasswordCredentialConfiguration;
use Microsoft\Graph\Beta\Generated\Models\AppCredentialRestrictionType;
use Microsoft\Graph\Beta\Generated\Models\KeyCredentialConfiguration;
use Microsoft\Graph\Beta\Generated\Models\AppKeyCredentialRestrictionType;
use Microsoft\Graph\Beta\Generated\Models\IdentifierUriConfiguration;
use Microsoft\Graph\Beta\Generated\Models\IdentifierUriRestriction;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new TenantAppManagementPolicy();
$requestBody->setIsEnabled(true);
$applicationRestrictions = new AppManagementApplicationConfiguration();
$passwordCredentialsPasswordCredentialConfiguration1 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration1->setRestrictionType(new AppCredentialRestrictionType('passwordAddition'));
$passwordCredentialsPasswordCredentialConfiguration1->setMaxLifetime(null);
$passwordCredentialsPasswordCredentialConfiguration1->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2021-01-01T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration1;
$passwordCredentialsPasswordCredentialConfiguration2 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration2->setRestrictionType(new AppCredentialRestrictionType('passwordLifetime'));
$passwordCredentialsPasswordCredentialConfiguration2->setMaxLifetime(new \DateInterval('P90D'));
$passwordCredentialsPasswordCredentialConfiguration2->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2017-01-01T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration2;
$passwordCredentialsPasswordCredentialConfiguration3 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration3->setRestrictionType(new AppCredentialRestrictionType('symmetricKeyAddition'));
$passwordCredentialsPasswordCredentialConfiguration3->setMaxLifetime(null);
$passwordCredentialsPasswordCredentialConfiguration3->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2021-01-01T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration3;
$passwordCredentialsPasswordCredentialConfiguration4 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration4->setRestrictionType(new AppCredentialRestrictionType('customPasswordAddition'));
$passwordCredentialsPasswordCredentialConfiguration4->setMaxLifetime(null);
$passwordCredentialsPasswordCredentialConfiguration4->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2015-01-01T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration4;
$passwordCredentialsPasswordCredentialConfiguration5 = new PasswordCredentialConfiguration();
$passwordCredentialsPasswordCredentialConfiguration5->setRestrictionType(new AppCredentialRestrictionType('symmetricKeyLifetime'));
$passwordCredentialsPasswordCredentialConfiguration5->setMaxLifetime(new \DateInterval('P30D'));
$passwordCredentialsPasswordCredentialConfiguration5->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2015-01-01T10:37:00Z'));
$passwordCredentialsArray []= $passwordCredentialsPasswordCredentialConfiguration5;
$applicationRestrictions->setPasswordCredentials($passwordCredentialsArray);
$keyCredentialsKeyCredentialConfiguration1 = new KeyCredentialConfiguration();
$keyCredentialsKeyCredentialConfiguration1->setRestrictionType(new AppKeyCredentialRestrictionType('asymmetricKeyLifetime'));
$keyCredentialsKeyCredentialConfiguration1->setMaxLifetime(new \DateInterval('P30D'));
$keyCredentialsKeyCredentialConfiguration1->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2015-01-01T10:37:00Z'));
$keyCredentialsArray []= $keyCredentialsKeyCredentialConfiguration1;
$keyCredentialsKeyCredentialConfiguration2 = new KeyCredentialConfiguration();
$keyCredentialsKeyCredentialConfiguration2->setRestrictionType(new AppKeyCredentialRestrictionType('trustedCertificateAuthority'));
$keyCredentialsKeyCredentialConfiguration2->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2019-10-19T10:37:00Z'));
$keyCredentialsKeyCredentialConfiguration2->setCertificateBasedApplicationConfigurationIds(['eec5ba11-2fc0-4113-83a2-ed986ed13743', 'bb8e164b-f9ed-4b98-bc45-65eddc14f4c1', ]);
$keyCredentialsKeyCredentialConfiguration2->setMaxLifetime(null);
$keyCredentialsArray []= $keyCredentialsKeyCredentialConfiguration2;
$applicationRestrictions->setKeyCredentials($keyCredentialsArray);
$applicationRestrictionsIdentifierUris = new IdentifierUriConfiguration();
$applicationRestrictionsIdentifierUrisNonDefaultUriAddition = new IdentifierUriRestriction();
$applicationRestrictionsIdentifierUrisNonDefaultUriAddition->setRestrictForAppsCreatedAfterDateTime(new \DateTime('2024-01-01T10:37:00Z'));
$applicationRestrictionsIdentifierUrisNonDefaultUriAddition->setExcludeAppsReceivingV2Tokens(true);
$applicationRestrictionsIdentifierUrisNonDefaultUriAddition->setExcludeSaml(true);
$applicationRestrictionsIdentifierUris->setNonDefaultUriAddition($applicationRestrictionsIdentifierUrisNonDefaultUriAddition);
$applicationRestrictions->setIdentifierUris($applicationRestrictionsIdentifierUris);
$requestBody->setApplicationRestrictions($applicationRestrictions);
$result = $graphServiceClient->policies()->defaultAppManagementPolicy()->patch($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
isEnabled = $true
applicationRestrictions = @{
passwordCredentials = @(
@{
restrictionType = "passwordAddition"
maxLifetime = $null
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2021-01-01T10:37:00Z")
}
@{
restrictionType = "passwordLifetime"
maxLifetime = "P90D"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2017-01-01T10:37:00Z")
}
@{
restrictionType = "symmetricKeyAddition"
maxLifetime = $null
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2021-01-01T10:37:00Z")
}
@{
restrictionType = "customPasswordAddition"
maxLifetime = $null
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2015-01-01T10:37:00Z")
}
@{
restrictionType = "symmetricKeyLifetime"
maxLifetime = "P30D"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2015-01-01T10:37:00Z")
}
)
keyCredentials = @(
@{
restrictionType = "asymmetricKeyLifetime"
maxLifetime = "P30D"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2015-01-01T10:37:00Z")
}
@{
restrictionType = "trustedCertificateAuthority"
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2019-10-19T10:37:00Z")
certificateBasedApplicationConfigurationIds = @(
"eec5ba11-2fc0-4113-83a2-ed986ed13743"
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1"
)
maxLifetime = $null
}
)
identifierUris = @{
nonDefaultUriAddition = @{
restrictForAppsCreatedAfterDateTime = [System.DateTime]::Parse("2024-01-01T10:37:00Z")
excludeAppsReceivingV2Tokens = $true
excludeSaml = $true
}
}
}
}
Update-MgBetaPolicyDefaultAppManagementPolicy -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.tenant_app_management_policy import TenantAppManagementPolicy
from msgraph_beta.generated.models.app_management_application_configuration import AppManagementApplicationConfiguration
from msgraph_beta.generated.models.password_credential_configuration import PasswordCredentialConfiguration
from msgraph_beta.generated.models.app_credential_restriction_type import AppCredentialRestrictionType
from msgraph_beta.generated.models.key_credential_configuration import KeyCredentialConfiguration
from msgraph_beta.generated.models.app_key_credential_restriction_type import AppKeyCredentialRestrictionType
from msgraph_beta.generated.models.identifier_uri_configuration import IdentifierUriConfiguration
from msgraph_beta.generated.models.identifier_uri_restriction import IdentifierUriRestriction
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = TenantAppManagementPolicy(
is_enabled = True,
application_restrictions = AppManagementApplicationConfiguration(
password_credentials = [
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.PasswordAddition,
max_lifetime = None,
restrict_for_apps_created_after_date_time = "2021-01-01T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.PasswordLifetime,
max_lifetime = "P90D",
restrict_for_apps_created_after_date_time = "2017-01-01T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.SymmetricKeyAddition,
max_lifetime = None,
restrict_for_apps_created_after_date_time = "2021-01-01T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.CustomPasswordAddition,
max_lifetime = None,
restrict_for_apps_created_after_date_time = "2015-01-01T10:37:00Z",
),
PasswordCredentialConfiguration(
restriction_type = AppCredentialRestrictionType.SymmetricKeyLifetime,
max_lifetime = "P30D",
restrict_for_apps_created_after_date_time = "2015-01-01T10:37:00Z",
),
],
key_credentials = [
KeyCredentialConfiguration(
restriction_type = AppKeyCredentialRestrictionType.AsymmetricKeyLifetime,
max_lifetime = "P30D",
restrict_for_apps_created_after_date_time = "2015-01-01T10:37:00Z",
),
KeyCredentialConfiguration(
restriction_type = AppKeyCredentialRestrictionType.TrustedCertificateAuthority,
restrict_for_apps_created_after_date_time = "2019-10-19T10:37:00Z",
certificate_based_application_configuration_ids = [
"eec5ba11-2fc0-4113-83a2-ed986ed13743",
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1",
],
max_lifetime = None,
),
],
identifier_uris = IdentifierUriConfiguration(
non_default_uri_addition = IdentifierUriRestriction(
restrict_for_apps_created_after_date_time = "2024-01-01T10:37:00Z",
exclude_apps_receiving_v2_tokens = True,
exclude_saml = True,
),
),
),
)
result = await graph_client.policies.default_app_management_policy.patch(request_body)
O exemplo a seguir mostra a resposta.