New-MgBetaPolicyPermissionGrantPreApprovalPolicy

Syntax

New-MgBetaPolicyPermissionGrantPreApprovalPolicy
   [-ResponseHeadersVariable <String>]
   [-AdditionalProperties <Hashtable>]
   [-Conditions <IMicrosoftGraphPreApprovalDetail[]>]
   [-DeletedDateTime <DateTime>]
   [-Id <String>]
   [-Headers <IDictionary>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-MgBetaPolicyPermissionGrantPreApprovalPolicy
   -BodyParameter <IMicrosoftGraphPermissionGrantPreApprovalPolicy>
   [-ResponseHeadersVariable <String>]
   [-Headers <IDictionary>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Create a new permissionGrantPreApprovalPolicy object.

Permissions

Examples

Example 1: Create a preapproval policy for both group and chat scope

Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	conditions = @(
		@{
			scopeType = "chat"
			sensitivityLabels = @{
				"@odata.type" = "#microsoft.graph.allScopeSensitivityLabels"
				labelKind = "all"
			}
			permissions = @{
				"@odata.type" = "#microsoft.graph.allPreApprovedPermissions"
				permissionKind = "all"
				permissionType = "application"
			}
		}
		@{
			scopeType = "group"
			scopeSensitivityLabels = @{
				"@odata.type" = "microsoft.graph.enumeratedScopeSensitivityLabels"
				labelKind = "enumerated"
				sensitivityLabels = @(
				"d9c43deb-f3e1-4422-9fd6-ccf22a3206b8"
			"c99dade2-aa54-4890-ac1c-a146fa26bd1e"
		)
	}
	permissions = @{
		"@odata.type" = "#microsoft.graph.enumeratedPreApprovedPermissions"
		permissionKind = "enumerated"
		permissionType = "application"
		resourceApplicationId = "00000003-0000-0000-c000-000000000000"
		permissionIds = @(
		"134483aa-3dda-4d65-ac91-b8dda1417875"
	"9d33613d-f855-483b-bca7-ea63ac9f5485"
)
}
}
)
}

New-MgBetaPolicyPermissionGrantPreApprovalPolicy -BodyParameter $params

This example will create a preapproval policy for both group and chat scope

Example 2: Create a preapproval policy for group scope and preapprove all permissions from a given API

Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	conditions = @(
		@{
			scopeType = "group"
			sensitivityLabels = @{
				"@odata.type" = "#microsoft.graph.allScopeSensitivityLabels"
				labelKind = "all"
			}
			permissions = @{
				"@odata.type" = "#microsoft.graph.allPermissionsOnResourceApp"
				permissionKind = "allPermissionsOnResourceApp"
				permissionType = "application"
				resourceApplicationId = "00000003-0000-0000-c000-000000000000"
			}
		}
	)
}

New-MgBetaPolicyPermissionGrantPreApprovalPolicy -BodyParameter $params

This example will create a preapproval policy for group scope and preapprove all permissions from a given api

Parameters

-AdditionalProperties

-BodyParameter

-Conditions

-Confirm

-DeletedDateTime

-Headers

-Id

-ProgressAction

-ResponseHeadersVariable

-WhatIf

Inputs

Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphPermissionGrantPreApprovalPolicy

System.Collections.IDictionary

Outputs

Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphPermissionGrantPreApprovalPolicy

Notes

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

BODYPARAMETER <IMicrosoftGraphPermissionGrantPreApprovalPolicy>: permissionGrantPreApprovalPolicy

• [(Any) <Object>]: This indicates any property can be added to this object.
• [DeletedDateTime <DateTime?>]: Date and time when this object was deleted. Always null when the object hasn't been deleted.
• [Id <String>]: The unique identifier for an entity. Read-only.
• [Conditions <IMicrosoftGraphPreApprovalDetail- []>]: A list of condition sets describing the conditions under which the permission to grant consent for the app has been preapproved.
  • [Permissions <IMicrosoftGraphPreApprovedPermissions>]: preApprovedPermissions
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [PermissionKind <String>]: permissionKind
    • [PermissionType <String>]: permissionType
  • [ScopeType <String>]: resourceScopeType
  • [SensitivityLabels <IMicrosoftGraphScopeSensitivityLabels>]: scopeSensitivityLabels
    • [(Any) <Object>]: This indicates any property can be added to this object.
    • [LabelKind <String>]: labelKind

CONDITIONS <IMicrosoftGraphPreApprovalDetail- []>: A list of condition sets describing the conditions under which the permission to grant consent for the app has been preapproved.

• [Permissions <IMicrosoftGraphPreApprovedPermissions>]: preApprovedPermissions
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [PermissionKind <String>]: permissionKind
  • [PermissionType <String>]: permissionType
• [ScopeType <String>]: resourceScopeType
• [SensitivityLabels <IMicrosoftGraphScopeSensitivityLabels>]: scopeSensitivityLabels
  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [LabelKind <String>]: labelKind

Related Links

• https://learn.microsoft.com/powershell/module/microsoft.graph.beta.identity.signins/new-mgbetapolicypermissiongrantpreapprovalpolicy
• https://learn.microsoft.com/graph/api/policyroot-post-permissiongrantpreapprovalpolicies?view=graph-rest-beta