Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Represents the reason behind a specific state of a risky user, sign-in, service principal, or agent. This enumeration is used by multiple resources.
This enumeration is used by multiple resources. The possible values are: none, adminGeneratedTemporaryPassword, userPerformedSecuredPasswordChange, userPerformedSecuredPasswordReset, adminConfirmedSigninSafe, aiConfirmedSigninSafe, userPassedMFADrivenByRiskBasedPolicy, adminDismissedAllRiskForUser, adminConfirmedSigninCompromised, hidden, adminConfirmedUserCompromised, unknownFutureValue, adminConfirmedServicePrincipalCompromised, adminDismissedAllRiskForServicePrincipal, m365DAdminDismissedDetection, userChangedPasswordOnPremises, adminDismissedRiskForSignIn, adminConfirmedAccountSafe, adminConfirmedAgentSafe, adminConfirmedAgentCompromised, adminDismissedRiskForAgent, microsoftRevokedSessions. Use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable enum: adminConfirmedServicePrincipalCompromised, adminDismissedAllRiskForServicePrincipal, m365DAdminDismissedDetection, userChangedPasswordOnPremises, adminDismissedRiskForSignIn, adminConfirmedAccountSafe, adminConfirmedAgentSafe, adminConfirmedAgentCompromised, adminDismissedRiskForAgent, microsoftRevokedSessions.
Members
| Member | Description |
|---|---|
| none | No details are available for the risk state. Applies to: |
| adminGeneratedTemporaryPassword | An admin generated a temporary password for the user. Applies to: |
| userPerformedSecuredPasswordChange | The user performed a secure password change. Applies to: |
| userPerformedSecuredPasswordReset | The user performed a secure password reset. Applies to: |
| adminConfirmedSigninSafe | An admin confirmed the sign-in as safe. Applies to: |
| aiConfirmedSigninSafe | AI confirmed the sign-in as safe. Applies to: |
| userPassedMFADrivenByRiskBasedPolicy | The user passed multifactor authentication (MFA) driven by a risk-based policy. Applies to: |
| adminDismissedAllRiskForUser | An admin dismissed all risk for the user. Applies to: |
| adminConfirmedSigninCompromised | An admin confirmed the sign-in as compromised. Applies to: |
| hidden | The risk state is hidden. Applies to: |
| adminConfirmedUserCompromised | An admin confirmed the user as compromised. Applies to: |
| unknownFutureValue | Evolvable enumeration sentinel value. Don't use. Applies to: |
| adminConfirmedServicePrincipalCompromised | An admin confirmed the service principal as compromised. Applies to: |
| adminDismissedAllRiskForServicePrincipal | An admin dismissed all risk for the service principal. Applies to: |
| m365DAdminDismissedDetection | A Microsoft Defender XDR admin dismissed the detection. Applies to: |
| userChangedPasswordOnPremises | The user changed their password on-premises. Applies to: |
| adminDismissedRiskForSignIn | An admin dismissed the risk for the sign-in. Applies to: |
| adminConfirmedAccountSafe | An admin confirmed the account as safe. Applies to: |
| adminConfirmedAgentSafe | An admin confirmed the agent as safe. Applies to: |
| adminConfirmedAgentCompromised | An admin confirmed the agent as compromised. Applies to: |
| adminDismissedRiskForAgent | An admin dismissed the risk for the agent. Applies to: |
| microsoftRevokedSessions | Microsoft revoked the user's sessions. Applies to: |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.riskDetail"
}