{"id":3365,"date":"2019-09-05T12:48:56","date_gmt":"2019-09-05T19:48:56","guid":{"rendered":"https:\/\/developer.microsoft.com\/en-us\/office\/blogs\/?p=3365"},"modified":"2019-09-05T12:48:56","modified_gmt":"2019-09-05T19:48:56","slug":"breaking-changes-policy-api-microsoft-graph-beta","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/breaking-changes-policy-api-microsoft-graph-beta\/","title":{"rendered":"Breaking change: policy API update in Microsoft Graph beta"},"content":{"rendered":"<div>\n<p>By the end of September, we plan to make some changes to the Azure Active Directory (Azure AD) policy API.\u00a0Currently, there\u2019s a single\u00a0<strong>policy<\/strong> resource type, which contains:<\/p>\n<ul>\n<li>a <em>type<\/em> property indicating the actual policy type, and<\/li>\n<li>a <em>definition<\/em> string\u00a0collection property which contains the JSON formatted policy definition.\u00a0 The schema for the <em>definition<\/em> is dependent on the policy type and is only discoverable through documentation.<\/li>\n<\/ul>\n<p>The breaking change will replace the existing\u00a0<strong>policies <\/strong>collection with a\u00a0<strong>policies <\/strong>URL\u00a0segment.\u00a0Under the <strong>policies<\/strong> segment we will group multiple typed policy resources.\u00a0See below for more details.<\/p>\n<\/div>\n<h3>Why the change?<\/h3>\n<p>We want to make it easier for developers to discover all policies in one place as we introduce more Azure AD and identity policies. Some of these policies are already in Microsoft Graph beta.\u00a0So, we\u2019re introducing a new\u00a0<strong>policies\u00a0<\/strong>segment to group all our typed policies underneath.\u00a0See the following example that shows the policy resource before and after the change.<\/p>\n<h3>Example<\/h3>\n<div>\n<h4>Policy resource before the change<\/h4>\n<p>Currently to list policies, the request and response would look something like this:<\/p>\n<p><i>Request<\/i><\/p>\n<pre class=\"lang:default decode:true\">GET https:\/\/graph.microsoft.com\/beta\/policies<\/pre>\n<p><i>Response<\/i><\/p>\n<div>\n<pre class=\"lang:default decode:true \">HTTP\/1.1 200 OK\nContent-type: application\/json\n{\n  \"@odata.context\": \"https:\/\/graph.microsoft.com\/beta\/$metadata#policies\",\n  \"values\": [\n      {\n          \"id\": \"guid1\",\n          \"displayName\":\"usertokens\",\n          \"isOrganizationDefault\": true,\n          \"definition\": [\"JSON policy definition1\"],\n          \"type\": \"TokenLifetimePolicy\"\n      },\n      {\n          \"id\": \"guid2\",\n          \"displayName\":\"accesstokens\",\n          \"isOrganizationDefault\": false,\n          \"definition\": [\"JSON policy definition2]\",\n          \"type\": \"TokenLifetimePolicy\"\n      }\n  ]\n}<\/pre>\n<\/div>\n<h4>After the change<\/h4>\n<p>Different typed policies will now be grouped under a\u00a0<strong>\/policies\u00a0<\/strong>segment. <strong>policies\u00a0<\/strong>will no longer be a collection of <strong>policy<\/strong> instances. For each type of policy, there will now be a new typed policy resource.\u00a0 For example, there is a TokenLifetimePolicy type as part of the existing <strong>policy<\/strong> resource; after the change there will be a new\u00a0<strong>tokenLifetimePolicy<\/strong> resource type.\u00a0 Putting this all together:<\/p>\n<p><i>Request<\/i><\/p>\n<pre class=\"lang:default decode:true\">GET https:\/\/graph.microsoft.com\/beta\/policies\/tokenLifetimePolicies<\/pre>\n<p><i>Response<\/i><\/p>\n<div>\n<pre class=\"lang:default decode:true\">HTTP\/1.1 200 OK\nContent-type: application\/json\n{\n  \"@odata.context\": \"https:\/\/graph.microsoft.com\/beta\/$metadata#policies\/tokenLifetimePolicies\",\n  \"values\": [\n      {\n          \"id\": \"guid1\",\n          \"displayName\":\"usertokens\",\n          \"isOrganizationDefault\": true,\n          \"definition\": [\"JSON policy definition1\"]\n      },\n      {\n          \"id\": \"guid2\",\n          \"displayName\":\"accesstokens\",\n          \"isOrganizationDefault\": false,\n          \"definition\": [\"JSON policy definition2\"]\n      }\n  ]\n}<\/pre>\n<p>Other fully schematized policies will start to show up under the\u00a0<strong>\/policies<\/strong> segment too:<\/p>\n<ul>\n<li><a href=\"https:\/\/docs.microsoft.com\/graph\/api\/resources\/featurerolloutpolicy?view=graph-rest-beta\">featureRolloutPolicy<\/a><\/li>\n<li><a href=\"https:\/\/docs.microsoft.com\/graph\/api\/resources\/grouplifecyclepolicy?view=graph-rest-beta\">groupLifecyclePolicy<\/a><\/li>\n<li><a href=\"https:\/\/docs.microsoft.com\/graph\/api\/resources\/trustframeworkpolicy?view=graph-rest-beta\">trustFrameworkPolicy<\/a><\/li>\n<\/ul>\n<\/div>\n<h3>Tell us what you think<\/h3>\n<p>We welcome your feedback. If you have further questions, you can reach out to\u00a0us on\u00a0<u><a title=\"https:\/\/stackoverflow.com\/questions\/tagged\/microsoft-graph\" href=\"https:\/\/stackoverflow.com\/questions\/tagged\/microsoft-graph\" target=\"_blank\" rel=\"noreferrer noopener\">StackOverflow<\/a><\/u>.<\/p>\n<p>-The Microsoft identity platform team<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>The existing\u00a0policies collection will be replaced with a\u00a0policies URL\u00a0segment.\u00a0Under the policies segment we will group multiple typed policy resources.<\/p>\n","protected":false},"author":69081,"featured_media":25159,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[3,5],"tags":[22],"class_list":["post-3365","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-graph","category-microsoft-identity-platform","tag-azure-ad"],"acf":[],"blog_post_summary":"<p>The existing\u00a0policies collection will be replaced with a\u00a0policies URL\u00a0segment.\u00a0Under the policies segment we will group multiple typed policy resources.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/3365","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/users\/69081"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/comments?post=3365"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/3365\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media\/25159"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media?parent=3365"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/categories?post=3365"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/tags?post=3365"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}