Espacio de nombres: microsoft.graph
Importante
Las API de la versión /beta de Microsoft Graph están sujetas a cambios. No se admite el uso de estas API en aplicaciones de producción. Para determinar si una API está disponible en la versión 1.0, use el selector de Versión.
Actualice la configuración predeterminada de una directiva de acceso entre inquilinos.
Esta API está disponible en las siguientes implementaciones nacionales de nube.
| Servicio global |
Gobierno de EE. UU. L4 |
Us Government L5 (DOD) |
China operada por 21Vianet |
| ✅ |
✅ |
✅ |
✅ |
Permissions
Elija el permiso o los permisos marcados como con privilegios mínimos para esta API. Use un permiso o permisos con privilegios superiores solo si la aplicación lo requiere. Para obtener más información sobre los permisos delegados y de aplicación, consulte Tipos de permisos. Para obtener más información sobre estos permisos, consulte la referencia de permisos.
| Tipo de permiso |
Permisos con privilegios mínimos |
Permisos con privilegios más altos |
| Delegado (cuenta profesional o educativa) |
Policy.ReadWrite.CrossTenantAccess |
No disponible. |
| Delegado (cuenta personal de Microsoft) |
No admitida. |
No admitida. |
| Aplicación |
Policy.ReadWrite.CrossTenantAccess |
No disponible. |
Importante
En escenarios delegados con cuentas profesionales o educativas en las que el usuario que ha iniciado sesión actúa sobre otro usuario, se le debe asignar un rol de Microsoft Entra compatible o un rol personalizado con un permiso de rol admitido. Se admiten los siguientes roles con privilegios mínimos para esta operación.
- Administrador de Teams: excluyendo la configuración de sincronización de identidades
- Administrador de seguridad
Solicitud HTTP
PATCH /policies/crossTenantAccessPolicy/default
| Nombre |
Descripción |
| Authorization |
{token} de portador. Obligatorio. Obtenga más información sobre la autenticación y la autorización. |
| Content-Type |
application/json. Obligatorio. |
Cuerpo de la solicitud
En el cuerpo de la solicitud, proporcione solo los valores de las propiedades que se van a actualizar. Las propiedades existentes que no se incluyen en el cuerpo de la solicitud mantienen sus valores anteriores o se recalculan en función de los cambios realizados en otros valores de propiedad.
En la tabla siguiente se especifican las propiedades que se pueden actualizar.
| Propiedad |
Tipo |
Descripción |
| b2bCollaborationInbound |
crossTenantAccessPolicyB2BSetting |
Define la configuración predeterminada para los usuarios de otras organizaciones que acceden a los recursos mediante Microsoft Entra colaboración B2B. |
| b2bCollaborationOutbound |
crossTenantAccessPolicyB2BSetting |
Define la configuración predeterminada para los usuarios de la organización que van de salida para acceder a los recursos de otra organización a través de Microsoft Entra colaboración B2B. |
| b2bDirectConnectInbound |
crossTenantAccessPolicyB2BSetting |
Define la configuración predeterminada para los usuarios de otras organizaciones que acceden a los recursos a través de Microsoft Entra conexión directa B2B. |
| b2bDirectConnectOutbound |
crossTenantAccessPolicyB2BSetting |
Define la configuración predeterminada para los usuarios de la organización que van de salida a acceder a los recursos de otra organización a través de Microsoft Entra conexión directa B2B. |
| inboundTrust |
crossTenantAccessPolicyInboundTrust |
Determina la configuración predeterminada para confiar en otras notificaciones de acceso condicional de organizaciones Microsoft Entra externas. |
| invitationRedemptionIdentityProviderConfiguration |
defaultInvitationRedemptionIdentityProviderConfiguration |
Define el orden de prioridad en función del cual se elegirá un proveedor de identidades durante el canje de invitación. |
| tenantRestrictions |
crossTenantAccessPolicyTenantRestrictions |
Define la configuración predeterminada de restricciones de inquilino para los usuarios de la organización que acceden a una organización externa en la red o los dispositivos. |
Respuesta
Si se ejecuta correctamente, este método devuelve un código de respuesta 204 No Content.
Ejemplos
Ejemplo 1: Bloquear la colaboración B2B saliente para un grupo de usuarios
Solicitud
PATCH https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default
Content-Type: application/json
{
"b2bCollaborationOutbound":
{
"usersAndGroups":
{
"accessType": "blocked",
"targets": [
{
"target": "0be493dc-cb56-4a53-936f-9cf64410b8b0",
"targetType": "group"
}
]
},
"applications":
{
"accessType": "blocked",
"targets": [
{
"target": "AllApplications",
"targetType": "application"
}
]
}
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new CrossTenantAccessPolicyConfigurationDefault
{
B2bCollaborationOutbound = new CrossTenantAccessPolicyB2BSetting
{
UsersAndGroups = new CrossTenantAccessPolicyTargetConfiguration
{
AccessType = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
Targets = new List<CrossTenantAccessPolicyTarget>
{
new CrossTenantAccessPolicyTarget
{
Target = "0be493dc-cb56-4a53-936f-9cf64410b8b0",
TargetType = CrossTenantAccessPolicyTargetType.Group,
},
},
},
Applications = new CrossTenantAccessPolicyTargetConfiguration
{
AccessType = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
Targets = new List<CrossTenantAccessPolicyTarget>
{
new CrossTenantAccessPolicyTarget
{
Target = "AllApplications",
TargetType = CrossTenantAccessPolicyTargetType.Application,
},
},
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.CrossTenantAccessPolicy.Default.PatchAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewCrossTenantAccessPolicyConfigurationDefault()
b2bCollaborationOutbound := graphmodels.NewCrossTenantAccessPolicyB2BSetting()
usersAndGroups := graphmodels.NewCrossTenantAccessPolicyTargetConfiguration()
accessType := graphmodels.BLOCKED_CROSSTENANTACCESSPOLICYTARGETCONFIGURATIONACCESSTYPE
usersAndGroups.SetAccessType(&accessType)
crossTenantAccessPolicyTarget := graphmodels.NewCrossTenantAccessPolicyTarget()
target := "0be493dc-cb56-4a53-936f-9cf64410b8b0"
crossTenantAccessPolicyTarget.SetTarget(&target)
targetType := graphmodels.GROUP_CROSSTENANTACCESSPOLICYTARGETTYPE
crossTenantAccessPolicyTarget.SetTargetType(&targetType)
targets := []graphmodels.CrossTenantAccessPolicyTargetable {
crossTenantAccessPolicyTarget,
}
usersAndGroups.SetTargets(targets)
b2bCollaborationOutbound.SetUsersAndGroups(usersAndGroups)
applications := graphmodels.NewCrossTenantAccessPolicyTargetConfiguration()
accessType := graphmodels.BLOCKED_CROSSTENANTACCESSPOLICYTARGETCONFIGURATIONACCESSTYPE
applications.SetAccessType(&accessType)
crossTenantAccessPolicyTarget := graphmodels.NewCrossTenantAccessPolicyTarget()
target := "AllApplications"
crossTenantAccessPolicyTarget.SetTarget(&target)
targetType := graphmodels.APPLICATION_CROSSTENANTACCESSPOLICYTARGETTYPE
crossTenantAccessPolicyTarget.SetTargetType(&targetType)
targets := []graphmodels.CrossTenantAccessPolicyTargetable {
crossTenantAccessPolicyTarget,
}
applications.SetTargets(targets)
b2bCollaborationOutbound.SetApplications(applications)
requestBody.SetB2bCollaborationOutbound(b2bCollaborationOutbound)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
default, err := graphClient.Policies().CrossTenantAccessPolicy().Default().Patch(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CrossTenantAccessPolicyConfigurationDefault crossTenantAccessPolicyConfigurationDefault = new CrossTenantAccessPolicyConfigurationDefault();
CrossTenantAccessPolicyB2BSetting b2bCollaborationOutbound = new CrossTenantAccessPolicyB2BSetting();
CrossTenantAccessPolicyTargetConfiguration usersAndGroups = new CrossTenantAccessPolicyTargetConfiguration();
usersAndGroups.setAccessType(CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked);
LinkedList<CrossTenantAccessPolicyTarget> targets = new LinkedList<CrossTenantAccessPolicyTarget>();
CrossTenantAccessPolicyTarget crossTenantAccessPolicyTarget = new CrossTenantAccessPolicyTarget();
crossTenantAccessPolicyTarget.setTarget("0be493dc-cb56-4a53-936f-9cf64410b8b0");
crossTenantAccessPolicyTarget.setTargetType(CrossTenantAccessPolicyTargetType.Group);
targets.add(crossTenantAccessPolicyTarget);
usersAndGroups.setTargets(targets);
b2bCollaborationOutbound.setUsersAndGroups(usersAndGroups);
CrossTenantAccessPolicyTargetConfiguration applications = new CrossTenantAccessPolicyTargetConfiguration();
applications.setAccessType(CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked);
LinkedList<CrossTenantAccessPolicyTarget> targets1 = new LinkedList<CrossTenantAccessPolicyTarget>();
CrossTenantAccessPolicyTarget crossTenantAccessPolicyTarget1 = new CrossTenantAccessPolicyTarget();
crossTenantAccessPolicyTarget1.setTarget("AllApplications");
crossTenantAccessPolicyTarget1.setTargetType(CrossTenantAccessPolicyTargetType.Application);
targets1.add(crossTenantAccessPolicyTarget1);
applications.setTargets(targets1);
b2bCollaborationOutbound.setApplications(applications);
crossTenantAccessPolicyConfigurationDefault.setB2bCollaborationOutbound(b2bCollaborationOutbound);
CrossTenantAccessPolicyConfigurationDefault result = graphClient.policies().crossTenantAccessPolicy().defaultEscaped().patch(crossTenantAccessPolicyConfigurationDefault);
const options = {
authProvider,
};
const client = Client.init(options);
const crossTenantAccessPolicyConfigurationDefault = {
b2bCollaborationOutbound:
{
usersAndGroups:
{
accessType: 'blocked',
targets: [
{
target: '0be493dc-cb56-4a53-936f-9cf64410b8b0',
targetType: 'group'
}
]
},
applications:
{
accessType: 'blocked',
targets: [
{
target: 'AllApplications',
targetType: 'application'
}
]
}
}
};
await client.api('/policies/crossTenantAccessPolicy/default')
.version('beta')
.update(crossTenantAccessPolicyConfigurationDefault);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyConfigurationDefault;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyB2BSetting;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyTargetConfiguration;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyTargetConfigurationAccessType;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyTarget;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyTargetType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CrossTenantAccessPolicyConfigurationDefault();
$b2bCollaborationOutbound = new CrossTenantAccessPolicyB2BSetting();
$b2bCollaborationOutboundUsersAndGroups = new CrossTenantAccessPolicyTargetConfiguration();
$b2bCollaborationOutboundUsersAndGroups->setAccessType(new CrossTenantAccessPolicyTargetConfigurationAccessType('blocked'));
$targetsCrossTenantAccessPolicyTarget1 = new CrossTenantAccessPolicyTarget();
$targetsCrossTenantAccessPolicyTarget1->setTarget('0be493dc-cb56-4a53-936f-9cf64410b8b0');
$targetsCrossTenantAccessPolicyTarget1->setTargetType(new CrossTenantAccessPolicyTargetType('group'));
$targetsArray []= $targetsCrossTenantAccessPolicyTarget1;
$b2bCollaborationOutboundUsersAndGroups->setTargets($targetsArray);
$b2bCollaborationOutbound->setUsersAndGroups($b2bCollaborationOutboundUsersAndGroups);
$b2bCollaborationOutboundApplications = new CrossTenantAccessPolicyTargetConfiguration();
$b2bCollaborationOutboundApplications->setAccessType(new CrossTenantAccessPolicyTargetConfigurationAccessType('blocked'));
$targetsCrossTenantAccessPolicyTarget1 = new CrossTenantAccessPolicyTarget();
$targetsCrossTenantAccessPolicyTarget1->setTarget('AllApplications');
$targetsCrossTenantAccessPolicyTarget1->setTargetType(new CrossTenantAccessPolicyTargetType('application'));
$targetsArray []= $targetsCrossTenantAccessPolicyTarget1;
$b2bCollaborationOutboundApplications->setTargets($targetsArray);
$b2bCollaborationOutbound->setApplications($b2bCollaborationOutboundApplications);
$requestBody->setB2bCollaborationOutbound($b2bCollaborationOutbound);
$result = $graphServiceClient->policies()->crossTenantAccessPolicy()->escapedDefault()->patch($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
b2bCollaborationOutbound = @{
usersAndGroups = @{
accessType = "blocked"
targets = @(
@{
target = "0be493dc-cb56-4a53-936f-9cf64410b8b0"
targetType = "group"
}
)
}
applications = @{
accessType = "blocked"
targets = @(
@{
target = "AllApplications"
targetType = "application"
}
)
}
}
}
Update-MgBetaPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.cross_tenant_access_policy_configuration_default import CrossTenantAccessPolicyConfigurationDefault
from msgraph_beta.generated.models.cross_tenant_access_policy_b2_b_setting import CrossTenantAccessPolicyB2BSetting
from msgraph_beta.generated.models.cross_tenant_access_policy_target_configuration import CrossTenantAccessPolicyTargetConfiguration
from msgraph_beta.generated.models.cross_tenant_access_policy_target_configuration_access_type import CrossTenantAccessPolicyTargetConfigurationAccessType
from msgraph_beta.generated.models.cross_tenant_access_policy_target import CrossTenantAccessPolicyTarget
from msgraph_beta.generated.models.cross_tenant_access_policy_target_type import CrossTenantAccessPolicyTargetType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CrossTenantAccessPolicyConfigurationDefault(
b2b_collaboration_outbound = CrossTenantAccessPolicyB2BSetting(
users_and_groups = CrossTenantAccessPolicyTargetConfiguration(
access_type = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
targets = [
CrossTenantAccessPolicyTarget(
target = "0be493dc-cb56-4a53-936f-9cf64410b8b0",
target_type = CrossTenantAccessPolicyTargetType.Group,
),
],
),
applications = CrossTenantAccessPolicyTargetConfiguration(
access_type = CrossTenantAccessPolicyTargetConfigurationAccessType.Blocked,
targets = [
CrossTenantAccessPolicyTarget(
target = "AllApplications",
target_type = CrossTenantAccessPolicyTargetType.Application,
),
],
),
),
)
result = await graph_client.policies.cross_tenant_access_policy.default.patch(request_body)
Respuesta
HTTP/1.1 204 No Content
Ejemplo 2: Actualización de la configuración predeterminada de canje de invitaciones
Solicitud
PATCH https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default
Content-Type: application/json
{
"invitationRedemptionIdentityProviderConfiguration": {
"primaryIdentityProviderPrecedenceOrder": [
"externalFederation",
"azureActiveDirectory",
"socialIdentityProviders"
],
"fallbackIdentityProvider": "defaultConfiguredIdp"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new CrossTenantAccessPolicyConfigurationDefault
{
InvitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration
{
PrimaryIdentityProviderPrecedenceOrder = new List<B2bIdentityProvidersType?>
{
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
},
FallbackIdentityProvider = B2bIdentityProvidersType.DefaultConfiguredIdp,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.CrossTenantAccessPolicy.Default.PatchAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewCrossTenantAccessPolicyConfigurationDefault()
invitationRedemptionIdentityProviderConfiguration := graphmodels.NewDefaultInvitationRedemptionIdentityProviderConfiguration()
primaryIdentityProviderPrecedenceOrder := []graphmodels.B2bIdentityProvidersTypeable {
b2bIdentityProvidersType := graphmodels.EXTERNALFEDERATION_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.AZUREACTIVEDIRECTORY_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.SOCIALIDENTITYPROVIDERS_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
}
invitationRedemptionIdentityProviderConfiguration.SetPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder)
fallbackIdentityProvider := graphmodels.DEFAULTCONFIGUREDIDP_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetFallbackIdentityProvider(&fallbackIdentityProvider)
requestBody.SetInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
default, err := graphClient.Policies().CrossTenantAccessPolicy().Default().Patch(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CrossTenantAccessPolicyConfigurationDefault crossTenantAccessPolicyConfigurationDefault = new CrossTenantAccessPolicyConfigurationDefault();
DefaultInvitationRedemptionIdentityProviderConfiguration invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
LinkedList<B2bIdentityProvidersType> primaryIdentityProviderPrecedenceOrder = new LinkedList<B2bIdentityProvidersType>();
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.ExternalFederation);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.AzureActiveDirectory);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.SocialIdentityProviders);
invitationRedemptionIdentityProviderConfiguration.setPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder);
invitationRedemptionIdentityProviderConfiguration.setFallbackIdentityProvider(B2bIdentityProvidersType.DefaultConfiguredIdp);
crossTenantAccessPolicyConfigurationDefault.setInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration);
CrossTenantAccessPolicyConfigurationDefault result = graphClient.policies().crossTenantAccessPolicy().defaultEscaped().patch(crossTenantAccessPolicyConfigurationDefault);
const options = {
authProvider,
};
const client = Client.init(options);
const crossTenantAccessPolicyConfigurationDefault = {
invitationRedemptionIdentityProviderConfiguration: {
primaryIdentityProviderPrecedenceOrder: [
'externalFederation',
'azureActiveDirectory',
'socialIdentityProviders'
],
fallbackIdentityProvider: 'defaultConfiguredIdp'
}
};
await client.api('/policies/crossTenantAccessPolicy/default')
.version('beta')
.update(crossTenantAccessPolicyConfigurationDefault);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyConfigurationDefault;
use Microsoft\Graph\Beta\Generated\Models\DefaultInvitationRedemptionIdentityProviderConfiguration;
use Microsoft\Graph\Beta\Generated\Models\B2bIdentityProvidersType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CrossTenantAccessPolicyConfigurationDefault();
$invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
$invitationRedemptionIdentityProviderConfiguration->setPrimaryIdentityProviderPrecedenceOrder([new B2bIdentityProvidersType('externalFederation'),new B2bIdentityProvidersType('azureActiveDirectory'),new B2bIdentityProvidersType('socialIdentityProviders'), ]);
$invitationRedemptionIdentityProviderConfiguration->setFallbackIdentityProvider(new B2bIdentityProvidersType('defaultConfiguredIdp'));
$requestBody->setInvitationRedemptionIdentityProviderConfiguration($invitationRedemptionIdentityProviderConfiguration);
$result = $graphServiceClient->policies()->crossTenantAccessPolicy()->escapedDefault()->patch($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
invitationRedemptionIdentityProviderConfiguration = @{
primaryIdentityProviderPrecedenceOrder = @(
"externalFederation"
"azureActiveDirectory"
"socialIdentityProviders"
)
fallbackIdentityProvider = "defaultConfiguredIdp"
}
}
Update-MgBetaPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.cross_tenant_access_policy_configuration_default import CrossTenantAccessPolicyConfigurationDefault
from msgraph_beta.generated.models.default_invitation_redemption_identity_provider_configuration import DefaultInvitationRedemptionIdentityProviderConfiguration
from msgraph_beta.generated.models.b2b_identity_providers_type import B2bIdentityProvidersType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CrossTenantAccessPolicyConfigurationDefault(
invitation_redemption_identity_provider_configuration = DefaultInvitationRedemptionIdentityProviderConfiguration(
primary_identity_provider_precedence_order = [
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
],
fallback_identity_provider = B2bIdentityProvidersType.DefaultConfiguredIdp,
),
)
result = await graph_client.policies.cross_tenant_access_policy.default.patch(request_body)
Respuesta
HTTP/1.1 204 No Content
Ejemplo 3: No permitir cuentas Microsoft como opción para canjear invitaciones B2B
Solicitud
PATCH https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default
Content-Type: application/json
{
"invitationRedemptionIdentityProviderConfiguration": {
"primaryIdentityProviderPrecedenceOrder": [
"externalFederation",
"azureActiveDirectory",
"socialIdentityProviders"
],
"fallbackIdentityProvider": "emailOneTimePasscode"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new CrossTenantAccessPolicyConfigurationDefault
{
InvitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration
{
PrimaryIdentityProviderPrecedenceOrder = new List<B2bIdentityProvidersType?>
{
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
},
FallbackIdentityProvider = B2bIdentityProvidersType.EmailOneTimePasscode,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Policies.CrossTenantAccessPolicy.Default.PatchAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewCrossTenantAccessPolicyConfigurationDefault()
invitationRedemptionIdentityProviderConfiguration := graphmodels.NewDefaultInvitationRedemptionIdentityProviderConfiguration()
primaryIdentityProviderPrecedenceOrder := []graphmodels.B2bIdentityProvidersTypeable {
b2bIdentityProvidersType := graphmodels.EXTERNALFEDERATION_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.AZUREACTIVEDIRECTORY_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
b2bIdentityProvidersType := graphmodels.SOCIALIDENTITYPROVIDERS_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetB2bIdentityProvidersType(&b2bIdentityProvidersType)
}
invitationRedemptionIdentityProviderConfiguration.SetPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder)
fallbackIdentityProvider := graphmodels.EMAILONETIMEPASSCODE_B2BIDENTITYPROVIDERSTYPE
invitationRedemptionIdentityProviderConfiguration.SetFallbackIdentityProvider(&fallbackIdentityProvider)
requestBody.SetInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
default, err := graphClient.Policies().CrossTenantAccessPolicy().Default().Patch(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CrossTenantAccessPolicyConfigurationDefault crossTenantAccessPolicyConfigurationDefault = new CrossTenantAccessPolicyConfigurationDefault();
DefaultInvitationRedemptionIdentityProviderConfiguration invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
LinkedList<B2bIdentityProvidersType> primaryIdentityProviderPrecedenceOrder = new LinkedList<B2bIdentityProvidersType>();
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.ExternalFederation);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.AzureActiveDirectory);
primaryIdentityProviderPrecedenceOrder.add(B2bIdentityProvidersType.SocialIdentityProviders);
invitationRedemptionIdentityProviderConfiguration.setPrimaryIdentityProviderPrecedenceOrder(primaryIdentityProviderPrecedenceOrder);
invitationRedemptionIdentityProviderConfiguration.setFallbackIdentityProvider(B2bIdentityProvidersType.EmailOneTimePasscode);
crossTenantAccessPolicyConfigurationDefault.setInvitationRedemptionIdentityProviderConfiguration(invitationRedemptionIdentityProviderConfiguration);
CrossTenantAccessPolicyConfigurationDefault result = graphClient.policies().crossTenantAccessPolicy().defaultEscaped().patch(crossTenantAccessPolicyConfigurationDefault);
const options = {
authProvider,
};
const client = Client.init(options);
const crossTenantAccessPolicyConfigurationDefault = {
invitationRedemptionIdentityProviderConfiguration: {
primaryIdentityProviderPrecedenceOrder: [
'externalFederation',
'azureActiveDirectory',
'socialIdentityProviders'
],
fallbackIdentityProvider: 'emailOneTimePasscode'
}
};
await client.api('/policies/crossTenantAccessPolicy/default')
.version('beta')
.update(crossTenantAccessPolicyConfigurationDefault);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CrossTenantAccessPolicyConfigurationDefault;
use Microsoft\Graph\Beta\Generated\Models\DefaultInvitationRedemptionIdentityProviderConfiguration;
use Microsoft\Graph\Beta\Generated\Models\B2bIdentityProvidersType;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CrossTenantAccessPolicyConfigurationDefault();
$invitationRedemptionIdentityProviderConfiguration = new DefaultInvitationRedemptionIdentityProviderConfiguration();
$invitationRedemptionIdentityProviderConfiguration->setPrimaryIdentityProviderPrecedenceOrder([new B2bIdentityProvidersType('externalFederation'),new B2bIdentityProvidersType('azureActiveDirectory'),new B2bIdentityProvidersType('socialIdentityProviders'), ]);
$invitationRedemptionIdentityProviderConfiguration->setFallbackIdentityProvider(new B2bIdentityProvidersType('emailOneTimePasscode'));
$requestBody->setInvitationRedemptionIdentityProviderConfiguration($invitationRedemptionIdentityProviderConfiguration);
$result = $graphServiceClient->policies()->crossTenantAccessPolicy()->escapedDefault()->patch($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
invitationRedemptionIdentityProviderConfiguration = @{
primaryIdentityProviderPrecedenceOrder = @(
"externalFederation"
"azureActiveDirectory"
"socialIdentityProviders"
)
fallbackIdentityProvider = "emailOneTimePasscode"
}
}
Update-MgBetaPolicyCrossTenantAccessPolicyDefault -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.cross_tenant_access_policy_configuration_default import CrossTenantAccessPolicyConfigurationDefault
from msgraph_beta.generated.models.default_invitation_redemption_identity_provider_configuration import DefaultInvitationRedemptionIdentityProviderConfiguration
from msgraph_beta.generated.models.b2b_identity_providers_type import B2bIdentityProvidersType
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CrossTenantAccessPolicyConfigurationDefault(
invitation_redemption_identity_provider_configuration = DefaultInvitationRedemptionIdentityProviderConfiguration(
primary_identity_provider_precedence_order = [
B2bIdentityProvidersType.ExternalFederation,
B2bIdentityProvidersType.AzureActiveDirectory,
B2bIdentityProvidersType.SocialIdentityProviders,
],
fallback_identity_provider = B2bIdentityProvidersType.EmailOneTimePasscode,
),
)
result = await graph_client.policies.cross_tenant_access_policy.default.patch(request_body)
Respuesta
HTTP/1.1 204 No Content