From d9ce6206f6a8b343b82640b7d1041c41ddc68edc Mon Sep 17 00:00:00 2001 From: Microsoft Graph DevX Tooling Date: Tue, 20 Jan 2026 11:17:27 +0000 Subject: [PATCH] Update clean v1.0 metadata file with 208109 --- openapi/v1.0/default.yaml | 74 +++++++++++++++++++- openapi/v1.0/graphexplorer.yaml | 118 +++++++++++++++++++++++++++++++- openapi/v1.0/openapi.yaml | 78 ++++++++++++++++++++- openapi/v1.0/powershell_v2.yaml | 74 +++++++++++++++++++- 4 files changed, 336 insertions(+), 8 deletions(-) diff --git a/openapi/v1.0/default.yaml b/openapi/v1.0/default.yaml index de5bc5a5..a6a30aca 100644 --- a/openapi/v1.0/default.yaml +++ b/openapi/v1.0/default.yaml @@ -772700,6 +772700,8 @@ components: type: string description: The name of the policy to be created. nullable: true + isEnabled: + type: boolean lastModifiedBy: anyOf: - $ref: '#/components/schemas/microsoft.graph.identitySet' @@ -772712,6 +772714,11 @@ components: description: The timestamp of the last modification of the policy. format: date-time nullable: true + protectionPolicyArtifactCount: + anyOf: + - $ref: '#/components/schemas/microsoft.graph.protectionPolicyArtifactCount' + - type: object + nullable: true retentionSettings: type: array items: @@ -775213,7 +775220,7 @@ components: description: 'Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the ''aud'' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith).' servicePrincipalType: type: string - description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use.' + description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This property is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.ServiceIdentity - A service principal that represents an agent identity.SocialIdp - For internal use.' nullable: true signInAudience: type: string @@ -799950,6 +799957,34 @@ components: labelId: type: string description: The unique identifier for the sensitivity label applied to the content. + microsoft.graph.protectionPolicyArtifactCount: + title: protectionPolicyArtifactCount + type: object + properties: + completed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + failed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + inProgress: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + total: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true microsoft.graph.provisionChannelEmailResult: title: provisionChannelEmailResult type: object @@ -821413,7 +821448,7 @@ components: - $ref: '#/components/schemas/microsoft.graph.security.detectionSource' - type: object nullable: true - description: 'Detection technology or sensor that identified the notable component or activity. The possible values are: unknown, microsoftDefenderForEndpoint, antivirus, smartScreen, customTi, microsoftDefenderForOffice365, automatedInvestigation, microsoftThreatExperts, customDetection, microsoftDefenderForIdentity, cloudAppSecurity, microsoft365Defender, azureAdIdentityProtection, manual, microsoftDataLossPrevention, appGovernancePolicy, appGovernanceDetection, unknownFutureValue, microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot. Use the Prefer: include-unknown-enum-members request header to get the following values in this evolvable enum: microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot.' + description: Detection technology or sensor that identified the notable component or activity. detectorId: type: string description: The ID of the detector that triggered the alert. @@ -822954,6 +822989,12 @@ components: type: string description: Time when the incident was last updated. format: date-time + priorityScore: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true redirectIncidentId: type: string description: 'Only populated in case an incident is grouped with another incident, as part of the logic that processes incidents. In such a case, the status property is redirected.' @@ -823443,6 +823484,8 @@ components: format: int64 sensorType: $ref: '#/components/schemas/microsoft.graph.security.sensorType' + serviceStatus: + $ref: '#/components/schemas/microsoft.graph.security.serviceStatus' settings: $ref: '#/components/schemas/microsoft.graph.security.sensorSettings' version: @@ -823463,6 +823506,9 @@ components: computerDnsName: type: string description: The DNS name of the computer associated with the sensor. + domainName: + type: string + description: The domain name of the sensor. lastSeenDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string @@ -827248,6 +827294,17 @@ components: - microsoftInsiderRiskManagement - microsoftThreatIntelligence type: string + microsoft.graph.security.serviceStatus: + title: serviceStatus + enum: + - stopped + - starting + - running + - disabled + - onboarding + - unknown + - unknownFutureValue + type: string microsoft.graph.security.sourceType: title: sourceType enum: @@ -854238,9 +854295,12 @@ components: '@odata.type': microsoft.graph.identitySet createdDateTime: '0001-01-01T00:00:00.0000000+00:00' displayName: String + isEnabled: 'true' lastModifiedBy: '@odata.type': microsoft.graph.identitySet lastModifiedDateTime: '0001-01-01T00:00:00.0000000+00:00' + protectionPolicyArtifactCount: + '@odata.type': microsoft.graph.protectionPolicyArtifactCount retentionSettings: - '@odata.type': microsoft.graph.retentionSetting status: @@ -862554,6 +862614,12 @@ components: cid: String format: String labelId: String + microsoft.graph.protectionPolicyArtifactCount: + value: + completed: '0' + failed: '0' + inProgress: '0' + total: '0' microsoft.graph.provisionChannelEmailResult: value: email: String @@ -866090,6 +866156,7 @@ components: incidentWebUrl: String lastModifiedBy: String lastUpdateDateTime: '0001-01-01T00:00:00.0000000+00:00' + priorityScore: '0' redirectIncidentId: String resolvingComment: String severity: @@ -866249,12 +866316,15 @@ components: openHealthIssuesCount: '0' sensorType: '@odata.type': microsoft.graph.security.sensorType + serviceStatus: + '@odata.type': microsoft.graph.security.serviceStatus settings: '@odata.type': microsoft.graph.security.sensorSettings version: String microsoft.graph.security.sensorCandidate: value: computerDnsName: String + domainName: String lastSeenDateTime: '0001-01-01T00:00:00.0000000+00:00' senseClientVersion: String microsoft.graph.security.sensorCandidateActivationConfiguration: diff --git a/openapi/v1.0/graphexplorer.yaml b/openapi/v1.0/graphexplorer.yaml index 8669208f..e60ec44e 100644 --- a/openapi/v1.0/graphexplorer.yaml +++ b/openapi/v1.0/graphexplorer.yaml @@ -634100,6 +634100,8 @@ paths: - id desc - computerDnsName - computerDnsName desc + - domainName + - domainName desc - lastSeenDateTime - lastSeenDateTime desc - senseClientVersion @@ -634117,6 +634119,7 @@ paths: enum: - id - computerDnsName + - domainName - lastSeenDateTime - senseClientVersion type: string @@ -634191,6 +634194,7 @@ paths: enum: - id - computerDnsName + - domainName - lastSeenDateTime - senseClientVersion type: string @@ -634353,6 +634357,8 @@ paths: - openHealthIssuesCount desc - sensorType - sensorType desc + - serviceStatus + - serviceStatus desc - settings - settings desc - version @@ -634376,6 +634382,7 @@ paths: - healthStatus - openHealthIssuesCount - sensorType + - serviceStatus - settings - version - healthIssues @@ -634461,6 +634468,7 @@ paths: - healthStatus - openHealthIssuesCount - sensorType + - serviceStatus - settings - version - healthIssues @@ -634873,6 +634881,8 @@ paths: - lastModifiedBy desc - lastUpdateDateTime - lastUpdateDateTime desc + - priorityScore + - priorityScore desc - redirectIncidentId - redirectIncidentId desc - resolvingComment @@ -634910,6 +634920,7 @@ paths: - incidentWebUrl - lastModifiedBy - lastUpdateDateTime + - priorityScore - redirectIncidentId - resolvingComment - severity @@ -635004,6 +635015,7 @@ paths: - incidentWebUrl - lastModifiedBy - lastUpdateDateTime + - priorityScore - redirectIncidentId - resolvingComment - severity @@ -746900,10 +746912,14 @@ paths: - createdDateTime desc - displayName - displayName desc + - isEnabled + - isEnabled desc - lastModifiedBy - lastModifiedBy desc - lastModifiedDateTime - lastModifiedDateTime desc + - protectionPolicyArtifactCount + - protectionPolicyArtifactCount desc - retentionSettings - retentionSettings desc - status @@ -746923,8 +746939,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status - mailboxInclusionRules @@ -747011,8 +747029,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status - mailboxInclusionRules @@ -749706,10 +749726,14 @@ paths: - createdDateTime desc - displayName - displayName desc + - isEnabled + - isEnabled desc - lastModifiedBy - lastModifiedBy desc - lastModifiedDateTime - lastModifiedDateTime desc + - protectionPolicyArtifactCount + - protectionPolicyArtifactCount desc - retentionSettings - retentionSettings desc - status @@ -749729,8 +749753,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status - driveInclusionRules @@ -749817,8 +749843,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status - driveInclusionRules @@ -751424,10 +751452,14 @@ paths: - createdDateTime desc - displayName - displayName desc + - isEnabled + - isEnabled desc - lastModifiedBy - lastModifiedBy desc - lastModifiedDateTime - lastModifiedDateTime desc + - protectionPolicyArtifactCount + - protectionPolicyArtifactCount desc - retentionSettings - retentionSettings desc - status @@ -751447,8 +751479,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status type: string @@ -751525,8 +751559,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status type: string @@ -753371,10 +753407,14 @@ paths: - createdDateTime desc - displayName - displayName desc + - isEnabled + - isEnabled desc - lastModifiedBy - lastModifiedBy desc - lastModifiedDateTime - lastModifiedDateTime desc + - protectionPolicyArtifactCount + - protectionPolicyArtifactCount desc - retentionSettings - retentionSettings desc - status @@ -753394,8 +753434,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status - siteInclusionRules @@ -753482,8 +753524,10 @@ paths: - createdBy - createdDateTime - displayName + - isEnabled - lastModifiedBy - lastModifiedDateTime + - protectionPolicyArtifactCount - retentionSettings - status - siteInclusionRules @@ -955552,6 +955596,8 @@ components: type: string description: The name of the policy to be created. nullable: true + isEnabled: + type: boolean lastModifiedBy: anyOf: - $ref: '#/components/schemas/microsoft.graph.identitySet' @@ -955564,6 +955610,11 @@ components: description: The timestamp of the last modification of the policy. format: date-time nullable: true + protectionPolicyArtifactCount: + anyOf: + - $ref: '#/components/schemas/microsoft.graph.protectionPolicyArtifactCount' + - type: object + nullable: true retentionSettings: type: array items: @@ -958065,7 +958116,7 @@ components: description: 'Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the ''aud'' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith).' servicePrincipalType: type: string - description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use.' + description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This property is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.ServiceIdentity - A service principal that represents an agent identity.SocialIdp - For internal use.' nullable: true signInAudience: type: string @@ -982802,6 +982853,34 @@ components: labelId: type: string description: The unique identifier for the sensitivity label applied to the content. + microsoft.graph.protectionPolicyArtifactCount: + title: protectionPolicyArtifactCount + type: object + properties: + completed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + failed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + inProgress: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + total: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true microsoft.graph.provisionChannelEmailResult: title: provisionChannelEmailResult type: object @@ -1004265,7 +1004344,7 @@ components: - $ref: '#/components/schemas/microsoft.graph.security.detectionSource' - type: object nullable: true - description: 'Detection technology or sensor that identified the notable component or activity. The possible values are: unknown, microsoftDefenderForEndpoint, antivirus, smartScreen, customTi, microsoftDefenderForOffice365, automatedInvestigation, microsoftThreatExperts, customDetection, microsoftDefenderForIdentity, cloudAppSecurity, microsoft365Defender, azureAdIdentityProtection, manual, microsoftDataLossPrevention, appGovernancePolicy, appGovernanceDetection, unknownFutureValue, microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot. Use the Prefer: include-unknown-enum-members request header to get the following values in this evolvable enum: microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot.' + description: Detection technology or sensor that identified the notable component or activity. detectorId: type: string description: The ID of the detector that triggered the alert. @@ -1005806,6 +1005885,12 @@ components: type: string description: Time when the incident was last updated. format: date-time + priorityScore: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true redirectIncidentId: type: string description: 'Only populated in case an incident is grouped with another incident, as part of the logic that processes incidents. In such a case, the status property is redirected.' @@ -1006295,6 +1006380,8 @@ components: format: int64 sensorType: $ref: '#/components/schemas/microsoft.graph.security.sensorType' + serviceStatus: + $ref: '#/components/schemas/microsoft.graph.security.serviceStatus' settings: $ref: '#/components/schemas/microsoft.graph.security.sensorSettings' version: @@ -1006315,6 +1006402,9 @@ components: computerDnsName: type: string description: The DNS name of the computer associated with the sensor. + domainName: + type: string + description: The domain name of the sensor. lastSeenDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string @@ -1010100,6 +1010190,17 @@ components: - microsoftInsiderRiskManagement - microsoftThreatIntelligence type: string + microsoft.graph.security.serviceStatus: + title: serviceStatus + enum: + - stopped + - starting + - running + - disabled + - onboarding + - unknown + - unknownFutureValue + type: string microsoft.graph.security.sourceType: title: sourceType enum: @@ -1037090,9 +1037191,12 @@ components: '@odata.type': microsoft.graph.identitySet createdDateTime: '0001-01-01T00:00:00.0000000+00:00' displayName: String + isEnabled: 'true' lastModifiedBy: '@odata.type': microsoft.graph.identitySet lastModifiedDateTime: '0001-01-01T00:00:00.0000000+00:00' + protectionPolicyArtifactCount: + '@odata.type': microsoft.graph.protectionPolicyArtifactCount retentionSettings: - '@odata.type': microsoft.graph.retentionSetting status: @@ -1045406,6 +1045510,12 @@ components: cid: String format: String labelId: String + microsoft.graph.protectionPolicyArtifactCount: + value: + completed: '0' + failed: '0' + inProgress: '0' + total: '0' microsoft.graph.provisionChannelEmailResult: value: email: String @@ -1048942,6 +1049052,7 @@ components: incidentWebUrl: String lastModifiedBy: String lastUpdateDateTime: '0001-01-01T00:00:00.0000000+00:00' + priorityScore: '0' redirectIncidentId: String resolvingComment: String severity: @@ -1049101,12 +1049212,15 @@ components: openHealthIssuesCount: '0' sensorType: '@odata.type': microsoft.graph.security.sensorType + serviceStatus: + '@odata.type': microsoft.graph.security.serviceStatus settings: '@odata.type': microsoft.graph.security.sensorSettings version: String microsoft.graph.security.sensorCandidate: value: computerDnsName: String + domainName: String lastSeenDateTime: '0001-01-01T00:00:00.0000000+00:00' senseClientVersion: String microsoft.graph.security.sensorCandidateActivationConfiguration: diff --git a/openapi/v1.0/openapi.yaml b/openapi/v1.0/openapi.yaml index 521df613..31ada7bb 100644 --- a/openapi/v1.0/openapi.yaml +++ b/openapi/v1.0/openapi.yaml @@ -764400,6 +764400,8 @@ components: type: string description: The name of the policy to be created. nullable: true + isEnabled: + type: boolean lastModifiedBy: anyOf: - $ref: '#/components/schemas/microsoft.graph.identitySet' @@ -764412,6 +764414,11 @@ components: description: The timestamp of the last modification of the policy. format: date-time nullable: true + protectionPolicyArtifactCount: + anyOf: + - $ref: '#/components/schemas/microsoft.graph.protectionPolicyArtifactCount' + - type: object + nullable: true retentionSettings: type: array items: @@ -767307,7 +767314,7 @@ components: description: 'Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the ''aud'' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith).' servicePrincipalType: type: string - description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use.' + description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This property is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.ServiceIdentity - A service principal that represents an agent identity.SocialIdp - For internal use.' nullable: true signInAudience: type: string @@ -797403,6 +797410,38 @@ components: description: The unique identifier for the sensitivity label applied to the content. '@odata.type': type: string + microsoft.graph.protectionPolicyArtifactCount: + title: protectionPolicyArtifactCount + required: + - '@odata.type' + type: object + properties: + completed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + failed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + inProgress: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + total: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + '@odata.type': + type: string microsoft.graph.provisionChannelEmailResult: title: provisionChannelEmailResult required: @@ -821205,7 +821244,7 @@ components: - $ref: '#/components/schemas/microsoft.graph.security.detectionSource' - type: object nullable: true - description: 'Detection technology or sensor that identified the notable component or activity. The possible values are: unknown, microsoftDefenderForEndpoint, antivirus, smartScreen, customTi, microsoftDefenderForOffice365, automatedInvestigation, microsoftThreatExperts, customDetection, microsoftDefenderForIdentity, cloudAppSecurity, microsoft365Defender, azureAdIdentityProtection, manual, microsoftDataLossPrevention, appGovernancePolicy, appGovernanceDetection, unknownFutureValue, microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot. Use the Prefer: include-unknown-enum-members request header to get the following values in this evolvable enum: microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot.' + description: Detection technology or sensor that identified the notable component or activity. detectorId: type: string description: The ID of the detector that triggered the alert. @@ -823063,6 +823102,12 @@ components: type: string description: Time when the incident was last updated. format: date-time + priorityScore: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true redirectIncidentId: type: string description: 'Only populated in case an incident is grouped with another incident, as part of the logic that processes incidents. In such a case, the status property is redirected.' @@ -823623,6 +823668,8 @@ components: format: int64 sensorType: $ref: '#/components/schemas/microsoft.graph.security.sensorType' + serviceStatus: + $ref: '#/components/schemas/microsoft.graph.security.serviceStatus' settings: $ref: '#/components/schemas/microsoft.graph.security.sensorSettings' version: @@ -823648,6 +823695,9 @@ components: computerDnsName: type: string description: The DNS name of the computer associated with the sensor. + domainName: + type: string + description: The domain name of the sensor. lastSeenDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string @@ -828128,6 +828178,17 @@ components: - microsoftInsiderRiskManagement - microsoftThreatIntelligence type: string + microsoft.graph.security.serviceStatus: + title: serviceStatus + enum: + - stopped + - starting + - running + - disabled + - onboarding + - unknown + - unknownFutureValue + type: string microsoft.graph.security.sourceType: title: sourceType enum: @@ -855154,9 +855215,12 @@ components: '@odata.type': microsoft.graph.identitySet createdDateTime: '0001-01-01T00:00:00.0000000+00:00' displayName: String + isEnabled: 'true' lastModifiedBy: '@odata.type': microsoft.graph.identitySet lastModifiedDateTime: '0001-01-01T00:00:00.0000000+00:00' + protectionPolicyArtifactCount: + '@odata.type': microsoft.graph.protectionPolicyArtifactCount retentionSettings: - '@odata.type': microsoft.graph.retentionSetting status: @@ -863444,6 +863508,12 @@ components: cid: String format: String labelId: String + microsoft.graph.protectionPolicyArtifactCount: + value: + completed: '0' + failed: '0' + inProgress: '0' + total: '0' microsoft.graph.provisionChannelEmailResult: value: email: String @@ -866980,6 +867050,7 @@ components: incidentWebUrl: String lastModifiedBy: String lastUpdateDateTime: '0001-01-01T00:00:00.0000000+00:00' + priorityScore: '0' redirectIncidentId: String resolvingComment: String severity: @@ -867139,12 +867210,15 @@ components: openHealthIssuesCount: '0' sensorType: '@odata.type': microsoft.graph.security.sensorType + serviceStatus: + '@odata.type': microsoft.graph.security.serviceStatus settings: '@odata.type': microsoft.graph.security.sensorSettings version: String microsoft.graph.security.sensorCandidate: value: computerDnsName: String + domainName: String lastSeenDateTime: '0001-01-01T00:00:00.0000000+00:00' senseClientVersion: String microsoft.graph.security.sensorCandidateActivationConfiguration: diff --git a/openapi/v1.0/powershell_v2.yaml b/openapi/v1.0/powershell_v2.yaml index 6e9ceef5..cf64bb35 100644 --- a/openapi/v1.0/powershell_v2.yaml +++ b/openapi/v1.0/powershell_v2.yaml @@ -782820,6 +782820,8 @@ components: type: string description: The name of the policy to be created. nullable: true + isEnabled: + type: boolean lastModifiedBy: anyOf: - $ref: '#/components/schemas/microsoft.graph.identitySet' @@ -782832,6 +782834,11 @@ components: description: The timestamp of the last modification of the policy. format: date-time nullable: true + protectionPolicyArtifactCount: + anyOf: + - $ref: '#/components/schemas/microsoft.graph.protectionPolicyArtifactCount' + - type: object + nullable: true retentionSettings: type: array items: @@ -785333,7 +785340,7 @@ components: description: 'Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra ID. For example,Client apps can specify a resource URI that is based on the values of this property to acquire an access token, which is the URI returned in the ''aud'' claim.The any operator is required for filter expressions on multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith).' servicePrincipalType: type: string - description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.SocialIdp - For internal use.' + description: 'Identifies whether the service principal represents an application, a managed identity, or a legacy application. This property is set by Microsoft Entra ID internally. The servicePrincipalType property can be set to three different values: Application - A service principal that represents an application or service. The appId property identifies the associated app registration, and matches the appId of an application, possibly from a different tenant. If the associated app registration is missing, tokens aren''t issued for the service principal.ManagedIdentity - A service principal that represents a managed identity. Service principals representing managed identities can be granted access and permissions, but can''t be updated or modified directly.Legacy - A service principal that represents an app created before app registrations, or through legacy experiences. A legacy service principal can have credentials, service principal names, reply URLs, and other properties that are editable by an authorized user, but doesn''t have an associated app registration. The appId value doesn''t associate the service principal with an app registration. The service principal can only be used in the tenant where it was created.ServiceIdentity - A service principal that represents an agent identity.SocialIdp - For internal use.' nullable: true signInAudience: type: string @@ -810070,6 +810077,34 @@ components: labelId: type: string description: The unique identifier for the sensitivity label applied to the content. + microsoft.graph.protectionPolicyArtifactCount: + title: protectionPolicyArtifactCount + type: object + properties: + completed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + failed: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + inProgress: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true + total: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true microsoft.graph.provisionChannelEmailResult: title: provisionChannelEmailResult type: object @@ -831533,7 +831568,7 @@ components: - $ref: '#/components/schemas/microsoft.graph.security.detectionSource' - type: object nullable: true - description: 'Detection technology or sensor that identified the notable component or activity. The possible values are: unknown, microsoftDefenderForEndpoint, antivirus, smartScreen, customTi, microsoftDefenderForOffice365, automatedInvestigation, microsoftThreatExperts, customDetection, microsoftDefenderForIdentity, cloudAppSecurity, microsoft365Defender, azureAdIdentityProtection, manual, microsoftDataLossPrevention, appGovernancePolicy, appGovernanceDetection, unknownFutureValue, microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot. Use the Prefer: include-unknown-enum-members request header to get the following values in this evolvable enum: microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence, microsoftDefenderForAIServices, securityCopilot.' + description: Detection technology or sensor that identified the notable component or activity. detectorId: type: string description: The ID of the detector that triggered the alert. @@ -833074,6 +833109,12 @@ components: type: string description: Time when the incident was last updated. format: date-time + priorityScore: + maximum: 2147483647 + minimum: -2147483648 + type: number + format: int32 + nullable: true redirectIncidentId: type: string description: 'Only populated in case an incident is grouped with another incident, as part of the logic that processes incidents. In such a case, the status property is redirected.' @@ -833563,6 +833604,8 @@ components: format: int64 sensorType: $ref: '#/components/schemas/microsoft.graph.security.sensorType' + serviceStatus: + $ref: '#/components/schemas/microsoft.graph.security.serviceStatus' settings: $ref: '#/components/schemas/microsoft.graph.security.sensorSettings' version: @@ -833583,6 +833626,9 @@ components: computerDnsName: type: string description: The DNS name of the computer associated with the sensor. + domainName: + type: string + description: The domain name of the sensor. lastSeenDateTime: pattern: '^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$' type: string @@ -837368,6 +837414,17 @@ components: - microsoftInsiderRiskManagement - microsoftThreatIntelligence type: string + microsoft.graph.security.serviceStatus: + title: serviceStatus + enum: + - stopped + - starting + - running + - disabled + - onboarding + - unknown + - unknownFutureValue + type: string microsoft.graph.security.sourceType: title: sourceType enum: @@ -864341,9 +864398,12 @@ components: '@odata.type': microsoft.graph.identitySet createdDateTime: '0001-01-01T00:00:00.0000000+00:00' displayName: String + isEnabled: 'true' lastModifiedBy: '@odata.type': microsoft.graph.identitySet lastModifiedDateTime: '0001-01-01T00:00:00.0000000+00:00' + protectionPolicyArtifactCount: + '@odata.type': microsoft.graph.protectionPolicyArtifactCount retentionSettings: - '@odata.type': microsoft.graph.retentionSetting status: @@ -872657,6 +872717,12 @@ components: cid: String format: String labelId: String + microsoft.graph.protectionPolicyArtifactCount: + value: + completed: '0' + failed: '0' + inProgress: '0' + total: '0' microsoft.graph.provisionChannelEmailResult: value: email: String @@ -876193,6 +876259,7 @@ components: incidentWebUrl: String lastModifiedBy: String lastUpdateDateTime: '0001-01-01T00:00:00.0000000+00:00' + priorityScore: '0' redirectIncidentId: String resolvingComment: String severity: @@ -876352,12 +876419,15 @@ components: openHealthIssuesCount: '0' sensorType: '@odata.type': microsoft.graph.security.sensorType + serviceStatus: + '@odata.type': microsoft.graph.security.serviceStatus settings: '@odata.type': microsoft.graph.security.sensorSettings version: String microsoft.graph.security.sensorCandidate: value: computerDnsName: String + domainName: String lastSeenDateTime: '0001-01-01T00:00:00.0000000+00:00' senseClientVersion: String microsoft.graph.security.sensorCandidateActivationConfiguration: