Create windowsWifiEnterpriseEAPConfiguration
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Create a new windowsWifiEnterpriseEAPConfiguration object.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | DeviceManagementConfiguration.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | DeviceManagementConfiguration.ReadWrite.All |
HTTP Request
POST /deviceManagement/deviceConfigurations
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
Request headers
| Header | Value |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
| Accept | application/json |
Request body
In the request body, supply a JSON representation for the windowsWifiEnterpriseEAPConfiguration object.
The following table shows the properties that are required when you create the windowsWifiEnterpriseEAPConfiguration.
| Property | Type | Description |
|---|---|---|
| id | String | Key of the entity. Inherited from deviceConfiguration |
| lastModifiedDateTime | DateTimeOffset | DateTime the object was last modified. Inherited from deviceConfiguration |
| roleScopeTagIds | String collection | List of Scope Tags for this Entity instance. Inherited from deviceConfiguration |
| supportsScopeTags | Boolean | Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsEdition | deviceManagementApplicabilityRuleOsEdition | The OS edition applicability for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsVersion | deviceManagementApplicabilityRuleOsVersion | The OS version applicability rule for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleDeviceMode | deviceManagementApplicabilityRuleDeviceMode | The device mode applicability rule for this Policy. Inherited from deviceConfiguration |
| createdDateTime | DateTimeOffset | DateTime the object was created. Inherited from deviceConfiguration |
| description | String | Admin provided description of the Device Configuration. Inherited from deviceConfiguration |
| displayName | String | Admin provided name of the device configuration. Inherited from deviceConfiguration |
| version | Int32 | Version of the device configuration. Inherited from deviceConfiguration |
| preSharedKey | String | This is the pre-shared key for WPA Personal Wi-Fi network. Inherited from windowsWifiConfiguration |
| wifiSecurityType | wiFiSecurityType | Specify the Wifi Security Type. Inherited from windowsWifiConfiguration. Possible values are: open, wpaPersonal, wpaEnterprise, wep, wpa2Personal, wpa2Enterprise. |
| meteredConnectionLimit | meteredConnectionLimitType | Specify the metered connection limit type for the wifi connection. Inherited from windowsWifiConfiguration. Possible values are: unrestricted, fixed, variable. |
| ssid | String | Specify the SSID of the wifi connection. Inherited from windowsWifiConfiguration |
| networkName | String | Specify the network configuration name. Inherited from windowsWifiConfiguration |
| connectAutomatically | Boolean | Specify whether the wifi connection should connect automatically when in range. Inherited from windowsWifiConfiguration |
| connectToPreferredNetwork | Boolean | Specify whether the wifi connection should connect to more preferred networks when already connected to this one. Requires ConnectAutomatically to be true. Inherited from windowsWifiConfiguration |
| connectWhenNetworkNameIsHidden | Boolean | Specify whether the wifi connection should connect automatically even when the SSID is not broadcasting. Inherited from windowsWifiConfiguration |
| proxySetting | wiFiProxySetting | Specify the proxy setting for Wi-Fi configuration Inherited from windowsWifiConfiguration. Possible values are: none, manual, automatic, unknownFutureValue. |
| proxyManualAddress | String | Specify the IP address for the proxy server. Inherited from windowsWifiConfiguration |
| proxyManualPort | Int32 | Specify the port for the proxy server. Inherited from windowsWifiConfiguration |
| proxyAutomaticConfigurationUrl | String | Specify the URL for the proxy server configuration script. Inherited from windowsWifiConfiguration |
| forceFIPSCompliance | Boolean | Specify whether to force FIPS compliance. Inherited from windowsWifiConfiguration |
| networkSingleSignOn | networkSingleSignOnType | Specify the network single sign on type. Possible values are: disabled, prelogon, postlogon. |
| maximumAuthenticationTimeoutInSeconds | Int32 | Specify maximum authentication timeout (in seconds). Valid range: 1-120 |
| userBasedVirtualLan | Boolean | Specifiy whether to change the virtual LAN used by the device based on the user’s credentials. Cannot be used when NetworkSingleSignOnType is set to Disabled. |
| promptForAdditionalAuthenticationCredentials | Boolean | Specify whether the wifi connection should prompt for additional authentication credentials. |
| enablePairwiseMasterKeyCaching | Boolean | Specify whether the wifi connection should enable pairwise master key caching. |
| maximumPairwiseMasterKeyCacheTimeInMinutes | Int32 | Specify maximum pairwise master key cache time (in minutes). Valid range: 5-1440 |
| maximumNumberOfPairwiseMasterKeysInCache | Int32 | Specify maximum number of pairwise master keys in cache. Valid range: 1-255 |
| enablePreAuthentication | Boolean | Specify whether pre-authentication should be enabled. |
| maximumPreAuthenticationAttempts | Int32 | Specify maximum pre-authentication attempts. Valid range: 1-16 |
| eapType | eapType | Extensible Authentication Protocol (EAP). Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, leap, eapSim, eapTtls, peap, eapFast, teap. |
| trustedServerCertificateNames | String collection | Specify trusted server certificate names. |
| authenticationMethod | wiFiAuthenticationMethod | Specify the authentication method. Possible values are: certificate, usernameAndPassword, derivedCredential. |
| innerAuthenticationProtocolForEAPTTLS | nonEapAuthenticationMethodForEapTtlsType | Specify inner authentication protocol for EAP TTLS. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, microsoftChapVersionTwo. |
| outerIdentityPrivacyTemporaryValue | String | Specify the string to replace usernames for privacy when using EAP TTLS or PEAP. |
| requireCryptographicBinding | Boolean | Specify whether to enable cryptographic binding when EAP type is selected as PEAP. |
| performServerValidation | Boolean | Specify whether to enable verification of server's identity by validating the certificate when EAP type is selected as PEAP. |
| disableUserPromptForServerValidation | Boolean | Specify whether to prevent the user from being prompted to authorize new servers for trusted certification authorities when EAP type is selected as PEAP. |
| authenticationPeriodInSeconds | Int32 | Specify the number of seconds for the client to wait after an authentication attempt before failing. Valid range 1-3600. |
| authenticationRetryDelayPeriodInSeconds | Int32 | Specify the number of seconds between a failed authentication and the next authentication attempt. Valid range 1-3600. |
| eapolStartPeriodInSeconds | Int32 | Specify the number of seconds to wait before sending an EAPOL (Extensible Authentication Protocol over LAN) Start message. Valid range 1-3600. |
| maximumEAPOLStartMessages | Int32 | Specifiy the maximum number of EAPOL (Extensible Authentication Protocol over LAN) Start messages to be sent before returning failure. Valid range 1-100. |
| maximumAuthenticationFailures | Int32 | Specify the maximum authentication failures allowed for a set of credentials. Valid range 1-100. |
| cacheCredentials | Boolean | Specify whether to cache user credentials on the device so that users don’t need to keep entering them each time they connect. |
| authenticationType | wifiAuthenticationType | Specify whether to authenticate the user, the device, either, or to use guest authentication (none). If you’re using certificate authentication, make sure the certificate type matches the authentication type. Possible values are: none, user, machine, machineOrUser, guest. |
Response
If successful, this method returns a 201 Created response code and a windowsWifiEnterpriseEAPConfiguration object in the response body.
Example
Request
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
Content-type: application/json
Content-length: 2695
{
"@odata.type": "#microsoft.graph.windowsWifiEnterpriseEAPConfiguration",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"preSharedKey": "Pre Shared Key value",
"wifiSecurityType": "wpaPersonal",
"meteredConnectionLimit": "fixed",
"ssid": "Ssid value",
"networkName": "Network Name value",
"connectAutomatically": true,
"connectToPreferredNetwork": true,
"connectWhenNetworkNameIsHidden": true,
"proxySetting": "manual",
"proxyManualAddress": "Proxy Manual Address value",
"proxyManualPort": 15,
"proxyAutomaticConfigurationUrl": "https://example.com/proxyAutomaticConfigurationUrl/",
"forceFIPSCompliance": true,
"networkSingleSignOn": "prelogon",
"maximumAuthenticationTimeoutInSeconds": 5,
"userBasedVirtualLan": true,
"promptForAdditionalAuthenticationCredentials": true,
"enablePairwiseMasterKeyCaching": true,
"maximumPairwiseMasterKeyCacheTimeInMinutes": 10,
"maximumNumberOfPairwiseMasterKeysInCache": 8,
"enablePreAuthentication": true,
"maximumPreAuthenticationAttempts": 0,
"eapType": "leap",
"trustedServerCertificateNames": [
"Trusted Server Certificate Names value"
],
"authenticationMethod": "usernameAndPassword",
"innerAuthenticationProtocolForEAPTTLS": "challengeHandshakeAuthenticationProtocol",
"outerIdentityPrivacyTemporaryValue": "Outer Identity Privacy Temporary Value value",
"requireCryptographicBinding": true,
"performServerValidation": true,
"disableUserPromptForServerValidation": true,
"authenticationPeriodInSeconds": 13,
"authenticationRetryDelayPeriodInSeconds": 7,
"eapolStartPeriodInSeconds": 9,
"maximumEAPOLStartMessages": 9,
"maximumAuthenticationFailures": 13,
"cacheCredentials": true,
"authenticationType": "user"
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 2867
{
"@odata.type": "#microsoft.graph.windowsWifiEnterpriseEAPConfiguration",
"id": "7e7183ac-83ac-7e71-ac83-717eac83717e",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"preSharedKey": "Pre Shared Key value",
"wifiSecurityType": "wpaPersonal",
"meteredConnectionLimit": "fixed",
"ssid": "Ssid value",
"networkName": "Network Name value",
"connectAutomatically": true,
"connectToPreferredNetwork": true,
"connectWhenNetworkNameIsHidden": true,
"proxySetting": "manual",
"proxyManualAddress": "Proxy Manual Address value",
"proxyManualPort": 15,
"proxyAutomaticConfigurationUrl": "https://example.com/proxyAutomaticConfigurationUrl/",
"forceFIPSCompliance": true,
"networkSingleSignOn": "prelogon",
"maximumAuthenticationTimeoutInSeconds": 5,
"userBasedVirtualLan": true,
"promptForAdditionalAuthenticationCredentials": true,
"enablePairwiseMasterKeyCaching": true,
"maximumPairwiseMasterKeyCacheTimeInMinutes": 10,
"maximumNumberOfPairwiseMasterKeysInCache": 8,
"enablePreAuthentication": true,
"maximumPreAuthenticationAttempts": 0,
"eapType": "leap",
"trustedServerCertificateNames": [
"Trusted Server Certificate Names value"
],
"authenticationMethod": "usernameAndPassword",
"innerAuthenticationProtocolForEAPTTLS": "challengeHandshakeAuthenticationProtocol",
"outerIdentityPrivacyTemporaryValue": "Outer Identity Privacy Temporary Value value",
"requireCryptographicBinding": true,
"performServerValidation": true,
"disableUserPromptForServerValidation": true,
"authenticationPeriodInSeconds": 13,
"authenticationRetryDelayPeriodInSeconds": 7,
"eapolStartPeriodInSeconds": 9,
"maximumEAPOLStartMessages": 9,
"maximumAuthenticationFailures": 13,
"cacheCredentials": true,
"authenticationType": "user"
}