We’re updating the application, servicePrincipal and oAuth2PermissionGrant Microsoft Graph APIs in public preview (beta). These changes will roll out in phases over the next few weeks.
Changes to properties
Change | Call to action |
The orgRestrictions property will be removed from the application resource. This property was marked as “Reserved for future use” and Azure AD ignores the value of this property today. | Writing to this property has no effect today. If you read this property today, update your clients as needed to handle this scenario. |
The startTime and expiryTime properties will be deleted from oAuth2PermissonGrant. Azure AD ignores the value of these properties today. | Writing to these properties has no effect today. If you read these properties today, update your clients as needed to handle this scenario. |
The errorUrl property will be deleted from servicePrincipal. Azure AD ignores the value of this property today. | Writing to this property has no effect today. Update your clients as needed to handle this scenario. |
The signInAudience property will be deleted from servicePrincipal. Azure AD ignores the value of this property today. | If you read this property today, update your clients as needed to handle this scenario. |
Changes to methods
You can no longer use a PATCH operation on the application or servicePrincipal objects to update passwordCredentials. You can use the addPassword and removePassword methods to update the password for an application or a servicePrincipal.
addPassword
Request – application
POST https://graph.microsoft.com/beta/applications/{id}/addPassword { "passwordCredential": { "displayName": "Password friendly name" } }
Response – application
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.passwordCredential", "customKeyIdentifier": "guid", "endDateTime": "timestamp", "keyId": "guid", "startDateTime": "timestamp", "secretText": "string" "hint": "string", "displayName": "string" }
Request – servicePrincipal
POST https://graph.microsoft.com/beta/servicePrincipals/{id}/addPassword { "passwordCredential": { "displayName": "Password friendly name" } }
Response – servicePrincipal
{ "@odata.context": "https://graph.microsoft.com/beta/$metadata#microsoft.graph.passwordCredential", "customKeyIdentifier": "guid", "endDateTime": "timestamp", "keyId": "guid", "startDateTime": "timestamp", "secretText": "string" "hint": "string", "displayName": "string" }
removePassword
Request – application
POST  https://graph.microsoft.com/beta/applications/{id}/removePassword { "keyId": "key id" }
Response – application
204 No content
Request – servicePrincipal
POST https://graph.microsoft.com/beta/servicePrincipals/{id}/removePassword { "keyId": "key id" }
Response – servicePrincipal
204 No content
Tell us what you think
We welcome your feedback on UserVoice. If you have questions, reach out to us on Stack Overflow.
-The Microsoft Identity Platform Team