Breaking changes: Application and ServicePrincipal API updates in Microsoft Graph beta
We’re updating the application, servicePrincipal and oAuth2PermissionGrant Microsoft Graph APIs in public preview (beta). These changes will roll out in phases over the next few weeks.
Changes to properties
Change | Call to action |
The orgRestrictions property will be removed from the application resource. This property was marked as “Reserved for future use” and Azure AD ignores the value of this property today. | Writing to this property has no effect today. If you read this property today, update your clients as needed to handle this scenario. |
The startTime and expiryTime properties will be deleted from oAuth2PermissonGrant. Azure AD ignores the value of these properties today. | Writing to these properties has no effect today. If you read these properties today, update your clients as needed to handle this scenario. |
The errorUrl property will be deleted from servicePrincipal. Azure AD ignores the value of this property today. | Writing to this property has no effect today. Update your clients as needed to handle this scenario. |
The signInAudience property will be deleted from servicePrincipal. Azure AD ignores the value of this property today. | If you read this property today, update your clients as needed to handle this scenario. |
Changes to methods
You can no longer use a PATCH operation on the application or servicePrincipal objects to update passwordCredentials. You can use the addPassword and removePassword methods to update the password for an application or a servicePrincipal.
addPassword
Request – application
POST https://graph.microsoft.com/beta/applications/{id}/addPassword { "passwordCredential": { "displayName": "Password friendly name" } }
Response – application
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.passwordCredential", "customKeyIdentifier": "guid", "endDateTime": "timestamp", "keyId": "guid", "startDateTime": "timestamp", "secretText": "string" "hint": "string", "displayName": "string" }
Request – servicePrincipal
POST https://graph.microsoft.com/beta/servicePrincipals/{id}/addPassword { "passwordCredential": { "displayName": "Password friendly name" } }
Response – servicePrincipal
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.passwordCredential", "customKeyIdentifier": "guid", "endDateTime": "timestamp", "keyId": "guid", "startDateTime": "timestamp", "secretText": "string" "hint": "string", "displayName": "string" }
removePassword
Request – application
POST⯠https://graph.microsoft.com/beta/applications/{id}/removePassword { "keyId": "key id" }
Response – application
204 No content
Request – servicePrincipal
POST https://graph.microsoft.com/beta/servicePrincipals/{id}/removePassword { "keyId": "key id" }
Response – servicePrincipal
204 No content
Tell us what you think
We welcome your feedback on UserVoice. If you have questions, reach out to us on Stack Overflow.
-The Microsoft Identity Platform Team
0 comments