From 3e722d34615a4ed4bbe036513e08ac2792387bc8 Mon Sep 17 00:00:00 2001 From: Microsoft Graph DevX Tooling Date: Tue, 2 Apr 2024 10:18:16 +0000 Subject: [PATCH] Update generated files with build 141818 --- microsoft-graph.d.ts | 104060 +++++++++++++++++++++------------------- 1 file changed, 53696 insertions(+), 50364 deletions(-) diff --git a/microsoft-graph.d.ts b/microsoft-graph.d.ts index 78fc983..bd882bf 100644 --- a/microsoft-graph.d.ts +++ b/microsoft-graph.d.ts @@ -11,9 +11,378 @@ export as namespace microsoftgraphbeta; export type NullableOption = T | null; +export type AccessLevel = "everyone" | "invited" | "locked" | "sameEnterprise" | "sameEnterpriseAndFederated"; +export type AccessPackageAssignmentFilterByCurrentUserOptions = "target" | "createdBy" | "unknownFutureValue"; +export type AccessPackageAssignmentRequestFilterByCurrentUserOptions = + | "target" + | "createdBy" + | "approver" + | "unknownFutureValue"; +export type AccessPackageCustomExtensionHandlerStatus = "requestSent" | "requestReceived" | "unknownFutureValue"; +export type AccessPackageCustomExtensionStage = + | "assignmentRequestCreated" + | "assignmentRequestApproved" + | "assignmentRequestGranted" + | "assignmentRequestRemoved" + | "assignmentFourteenDaysBeforeExpiration" + | "assignmentOneDayBeforeExpiration" + | "unknownFutureValue"; +export type AccessPackageFilterByCurrentUserOptions = "allowedRequestor" | "unknownFutureValue"; +export type AccessPackageSubjectLifecycle = "notDefined" | "notGoverned" | "governed" | "unknownFutureValue"; +export type AccessReviewHistoryDecisionFilter = + | "approve" + | "deny" + | "notReviewed" + | "dontKnow" + | "notNotified" + | "unknownFutureValue"; +export type AccessReviewHistoryStatus = "done" | "inprogress" | "error" | "requested" | "unknownFutureValue"; +export type AccessReviewInstanceDecisionItemFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; +export type AccessReviewInstanceFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; +export type AccessReviewScheduleDefinitionFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; +export type AccessReviewStageFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; +export type AccessReviewTimeoutBehavior = + | "keepAccess" + | "removeAccess" + | "acceptAccessRecommendation" + | "unknownFutureValue"; +export type AccessType = "grant" | "deny"; +export type AccountStatus = "unknown" | "staged" | "active" | "suspended" | "deleted" | "unknownFutureValue"; +export type AccountTargetContentType = "unknown" | "includeAll" | "addressBook" | "unknownFutureValue"; +export type AclType = "user" | "group" | "everyone" | "everyoneExceptGuests" | "externalGroup" | "unknownFutureValue"; +export type ActionCapability = "enabled" | "disabled" | "unknownFutureValue"; +export type ActionSource = "manual" | "automatic" | "recommended" | "default"; +export type ActionState = "none" | "pending" | "canceled" | "active" | "done" | "failed" | "notSupported"; +export type ActivityDomain = "unknown" | "work" | "personal" | "unrestricted"; +export type ActivityType = "signin" | "user" | "unknownFutureValue" | "servicePrincipal"; +export type AdminConsentState = "notConfigured" | "granted" | "notGranted"; +export type AdministratorConfiguredDeviceComplianceState = "basedOnDeviceCompliancePolicy" | "nonCompliant"; +export type AdvancedBitLockerState = + | "success" + | "noUserConsent" + | "osVolumeUnprotected" + | "osVolumeTpmRequired" + | "osVolumeTpmOnlyRequired" + | "osVolumeTpmPinRequired" + | "osVolumeTpmStartupKeyRequired" + | "osVolumeTpmPinStartupKeyRequired" + | "osVolumeEncryptionMethodMismatch" + | "recoveryKeyBackupFailed" + | "fixedDriveNotEncrypted" + | "fixedDriveEncryptionMethodMismatch" + | "loggedOnUserNonAdmin" + | "windowsRecoveryEnvironmentNotConfigured" + | "tpmNotAvailable" + | "tpmNotReady" + | "networkError"; +export type AdvancedConfigState = "default" | "enabled" | "disabled" | "unknownFutureValue"; +export type AgentStatus = "active" | "inactive"; +export type AgreementAcceptanceState = "accepted" | "declined" | "unknownFutureValue"; +export type AlertFeedback = "unknown" | "truePositive" | "falsePositive" | "benignPositive" | "unknownFutureValue"; +export type AlertSeverity = "unknown" | "informational" | "low" | "medium" | "high" | "unknownFutureValue"; +export type AlertStatus = "unknown" | "newAlert" | "inProgress" | "resolved" | "dismissed" | "unknownFutureValue"; +export type Alignment = "left" | "right" | "center"; +export type AllowedAudiences = + | "me" + | "family" + | "contacts" + | "groupMembers" + | "organization" + | "federatedOrganizations" + | "everyone" + | "unknownFutureValue"; +export type AllowedRolePrincipalTypes = "user" | "servicePrincipal" | "group" | "unknownFutureValue"; +export type AllowInvitesFrom = + | "none" + | "adminsAndGuestInviters" + | "adminsGuestInvitersAndAllMembers" + | "everyone" + | "unknownFutureValue"; +export type AnalyticsActivityType = "Email" | "Meeting" | "Focus" | "Chat" | "Call"; +export type AndroidDeviceOwnerAppAutoUpdatePolicyType = "notConfigured" | "userChoice" | "never" | "wiFiOnly" | "always"; +export type AndroidDeviceOwnerBatteryPluggedMode = "notConfigured" | "ac" | "usb" | "wireless"; +export type AndroidDeviceOwnerCertificateAccessType = "userApproval" | "specificApps" | "unknownFutureValue"; +export type AndroidDeviceOwnerCrossProfileDataSharing = + | "notConfigured" + | "crossProfileDataSharingBlocked" + | "dataSharingFromWorkToPersonalBlocked" + | "crossProfileDataSharingAllowed" + | "unkownFutureValue"; +export type AndroidDeviceOwnerDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; +export type AndroidDeviceOwnerDelegatedAppScopeType = + | "unspecified" + | "certificateInstall" + | "captureNetworkActivityLog" + | "captureSecurityLog" + | "unknownFutureValue"; +export type AndroidDeviceOwnerEnrollmentMode = + | "corporateOwnedDedicatedDevice" + | "corporateOwnedFullyManaged" + | "corporateOwnedWorkProfile" + | "corporateOwnedAOSPUserlessDevice" + | "corporateOwnedAOSPUserAssociatedDevice"; +export type AndroidDeviceOwnerEnrollmentProfileType = "notConfigured" | "dedicatedDevice" | "fullyManaged"; +export type AndroidDeviceOwnerEnrollmentTokenType = + | "default" + | "corporateOwnedDedicatedDeviceWithAzureADSharedMode" + | "deviceStaging"; +export type AndroidDeviceOwnerKioskCustomizationStatusBar = + | "notConfigured" + | "notificationsAndSystemInfoEnabled" + | "systemInfoOnly"; +export type AndroidDeviceOwnerKioskCustomizationSystemNavigation = + | "notConfigured" + | "navigationEnabled" + | "homeButtonOnly"; +export type AndroidDeviceOwnerKioskModeFolderIcon = + | "notConfigured" + | "darkSquare" + | "darkCircle" + | "lightSquare" + | "lightCircle"; +export type AndroidDeviceOwnerKioskModeIconSize = + | "notConfigured" + | "smallest" + | "small" + | "regular" + | "large" + | "largest"; +export type AndroidDeviceOwnerKioskModeScreenOrientation = "notConfigured" | "portrait" | "landscape" | "autoRotate"; +export type AndroidDeviceOwnerLocationMode = "notConfigured" | "disabled" | "unknownFutureValue"; +export type AndroidDeviceOwnerPlayStoreMode = "notConfigured" | "allowList" | "blockList"; +export type AndroidDeviceOwnerRequiredPasswordType = + | "deviceDefault" + | "required" + | "numeric" + | "numericComplex" + | "alphabetic" + | "alphanumeric" + | "alphanumericWithSymbols" + | "lowSecurityBiometric" + | "customPassword"; +export type AndroidDeviceOwnerRequiredPasswordUnlock = "deviceDefault" | "daily" | "unkownFutureValue"; +export type AndroidDeviceOwnerSystemUpdateInstallType = "deviceDefault" | "postpone" | "windowed" | "automatic"; +export type AndroidDeviceOwnerVirtualHomeButtonType = "notConfigured" | "swipeUp" | "floating"; +export type AndroidDeviceOwnerWiFiSecurityType = "open" | "wep" | "wpaPersonal" | "wpaEnterprise"; +export type AndroidEapType = "eapTls" | "eapTtls" | "peap"; +export type AndroidForWorkAppConfigurationSchemaItemDataType = + | "bool" + | "integer" + | "string" + | "choice" + | "multiselect" + | "bundle" + | "bundleArray" + | "hidden"; +export type AndroidForWorkBindStatus = "notBound" | "bound" | "boundAndValidated" | "unbinding"; +export type AndroidForWorkCrossProfileDataSharingType = + | "deviceDefault" + | "preventAny" + | "allowPersonalToWork" + | "noRestrictions"; +export type AndroidForWorkDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; +export type AndroidForWorkEnrollmentTarget = "none" | "all" | "targeted" | "targetedAsEnrollmentRestrictions"; +export type AndroidForWorkRequiredPasswordType = + | "deviceDefault" + | "lowSecurityBiometric" + | "required" + | "atLeastNumeric" + | "numericComplex" + | "atLeastAlphabetic" + | "atLeastAlphanumeric" + | "alphanumericWithSymbols"; +export type AndroidForWorkSyncStatus = + | "success" + | "credentialsNotValid" + | "androidForWorkApiError" + | "managementServiceError" + | "unknownError" + | "none"; +export type AndroidForWorkVpnConnectionType = + | "ciscoAnyConnect" + | "pulseSecure" + | "f5EdgeClient" + | "dellSonicWallMobileConnect" + | "checkPointCapsuleVpn" + | "citrix"; +export type AndroidKeyguardFeature = + | "notConfigured" + | "camera" + | "notifications" + | "unredactedNotifications" + | "trustAgents" + | "fingerprint" + | "remoteInput" + | "allFeatures" + | "face" + | "iris" + | "biometrics"; +export type AndroidManagedAppSafetyNetAppsVerificationType = "none" | "enabled"; +export type AndroidManagedAppSafetyNetDeviceAttestationType = + | "none" + | "basicIntegrity" + | "basicIntegrityAndDeviceCertification"; +export type AndroidManagedAppSafetyNetEvaluationType = "basic" | "hardwareBacked"; +export type AndroidManagedStoreAccountAppSyncStatus = + | "success" + | "credentialsNotValid" + | "androidForWorkApiError" + | "managementServiceError" + | "unknownError" + | "none"; +export type AndroidManagedStoreAccountBindStatus = "notBound" | "bound" | "boundAndValidated" | "unbinding"; +export type AndroidManagedStoreAccountEnrollmentTarget = + | "none" + | "all" + | "targeted" + | "targetedAsEnrollmentRestrictions"; +export type AndroidManagedStoreAppConfigurationSchemaItemDataType = + | "bool" + | "integer" + | "string" + | "choice" + | "multiselect" + | "bundle" + | "bundleArray" + | "hidden"; +export type AndroidManagedStoreAutoUpdateMode = "default" | "postponed" | "priority" | "unknownFutureValue"; +export type AndroidPermissionActionType = "prompt" | "autoGrant" | "autoDeny"; +export type AndroidProfileApplicability = "default" | "androidWorkProfile" | "androidDeviceOwner"; +export type AndroidRequiredPasswordComplexity = "none" | "low" | "medium" | "high"; +export type AndroidRequiredPasswordType = + | "deviceDefault" + | "alphabetic" + | "alphanumeric" + | "alphanumericWithSymbols" + | "lowSecurityBiometric" + | "numeric" + | "numericComplex" + | "any"; +export type AndroidSafetyNetEvaluationType = "basic" | "hardwareBacked"; +export type AndroidTargetedPlatforms = "androidDeviceAdministrator" | "androidOpenSourceProject" | "unknownFutureValue"; +export type AndroidUsernameSource = "username" | "userPrincipalName" | "samAccountName" | "primarySmtpAddress"; +export type AndroidVpnConnectionType = + | "ciscoAnyConnect" + | "pulseSecure" + | "f5EdgeClient" + | "dellSonicWallMobileConnect" + | "checkPointCapsuleVpn" + | "citrix" + | "microsoftTunnel" + | "netMotionMobility" + | "microsoftProtect"; +export type AndroidWiFiSecurityType = "open" | "wpaEnterprise" | "wpa2Enterprise"; +export type AndroidWorkProfileAccountUse = + | "allowAllExceptGoogleAccounts" + | "blockAll" + | "allowAll" + | "unknownFutureValue"; +export type AndroidWorkProfileCrossProfileDataSharingType = + | "deviceDefault" + | "preventAny" + | "allowPersonalToWork" + | "noRestrictions"; +export type AndroidWorkProfileDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; +export type AndroidWorkProfileRequiredPasswordType = + | "deviceDefault" + | "lowSecurityBiometric" + | "required" + | "atLeastNumeric" + | "numericComplex" + | "atLeastAlphabetic" + | "atLeastAlphanumeric" + | "alphanumericWithSymbols"; +export type AndroidWorkProfileVpnConnectionType = + | "ciscoAnyConnect" + | "pulseSecure" + | "f5EdgeClient" + | "dellSonicWallMobileConnect" + | "checkPointCapsuleVpn" + | "citrix" + | "paloAltoGlobalProtect" + | "microsoftTunnel" + | "netMotionMobility" + | "microsoftProtect"; +export type AnswerInputType = "text" | "radioButton" | "unknownFutureValue"; +export type AospDeviceOwnerWiFiSecurityType = "open" | "wep" | "wpaPersonal" | "wpaEnterprise"; +export type AospWifiSecurityType = "none" | "wpa" | "wep"; +export type AppCredentialRestrictionType = + | "passwordAddition" + | "passwordLifetime" + | "symmetricKeyAddition" + | "symmetricKeyLifetime" + | "customPasswordAddition" + | "unknownFutureValue"; +export type AppInstallControlType = "notConfigured" | "anywhere" | "storeOnly" | "recommendations" | "preferStore"; +export type AppKeyCredentialRestrictionType = + | "asymmetricKeyLifetime" + | "trustedCertificateAuthority" + | "unknownFutureValue"; +export type AppleDeploymentChannel = "deviceChannel" | "userChannel"; +export type AppleSubjectNameFormat = + | "commonName" + | "commonNameAsEmail" + | "custom" + | "commonNameIncludingEmail" + | "commonNameAsIMEI" + | "commonNameAsSerialNumber"; +export type AppleUserInitiatedEnrollmentType = + | "unknown" + | "device" + | "user" + | "accountDrivenUserEnrollment" + | "webDeviceEnrollment" + | "unknownFutureValue"; +export type AppleVpnConnectionType = + | "ciscoAnyConnect" + | "pulseSecure" + | "f5EdgeClient" + | "dellSonicWallMobileConnect" + | "checkPointCapsuleVpn" + | "customVpn" + | "ciscoIPSec" + | "citrix" + | "ciscoAnyConnectV2" + | "paloAltoGlobalProtect" + | "zscalerPrivateAccess" + | "f5Access2018" + | "citrixSso" + | "paloAltoGlobalProtectV2" + | "ikEv2" + | "alwaysOn" + | "microsoftTunnel" + | "netMotionMobility" + | "microsoftProtect"; +export type ApplicationGuardBlockClipboardSharingType = + | "notConfigured" + | "blockBoth" + | "blockHostToContainer" + | "blockContainerToHost" + | "blockNone"; +export type ApplicationGuardBlockFileTransferType = + | "notConfigured" + | "blockImageAndTextFile" + | "blockImageFile" + | "blockNone" + | "blockTextFile"; +export type ApplicationGuardEnabledOptions = + | "notConfigured" + | "enabledForEdge" + | "enabledForOffice" + | "enabledForEdgeAndOffice"; export type ApplicationKeyOrigin = "application" | "servicePrincipal" | "unknownFutureValue"; export type ApplicationKeyType = "clientSecret" | "certificate" | "unknownFutureValue"; export type ApplicationKeyUsage = "sign" | "verify" | "unknownFutureValue"; +export type ApplicationMode = "manual" | "automatic" | "recommended"; +export type ApplicationPermissionsRequired = + | "unknown" + | "anonymous" + | "guest" + | "user" + | "administrator" + | "system" + | "unknownFutureValue"; +export type ApplicationType = "universal" | "desktop"; export type AppliedConditionalAccessPolicyResult = | "success" | "failure" @@ -25,6 +394,89 @@ export type AppliedConditionalAccessPolicyResult = | "reportOnlyFailure" | "reportOnlyNotApplied" | "reportOnlyInterrupted"; +export type AppListType = "none" | "appsInListCompliant" | "appsNotInListCompliant"; +export type AppLockerApplicationControlType = + | "notConfigured" + | "enforceComponentsAndStoreApps" + | "auditComponentsAndStoreApps" + | "enforceComponentsStoreAppsAndSmartlocker" + | "auditComponentsStoreAppsAndSmartlocker"; +export type AppLogDecryptionAlgorithm = "aes256" | "unknownFutureValue"; +export type AppLogUploadState = "pending" | "completed" | "failed" | "unknownFutureValue"; +export type AppManagementLevel = + | "unspecified" + | "unmanaged" + | "mdm" + | "androidEnterprise" + | "androidEnterpriseDedicatedDevicesWithAzureAdSharedMode" + | "androidOpenSourceProjectUserAssociated" + | "androidOpenSourceProjectUserless" + | "unknownFutureValue"; +export type ApprovalFilterByCurrentUserOptions = "target" | "createdBy" | "approver" | "unknownFutureValue"; +export type ApprovalState = "pending" | "approved" | "denied" | "aborted" | "canceled"; +export type AppsUpdateChannelType = "current" | "monthlyEnterprise" | "semiAnnual" | "unknownFutureValue"; +export type AppVulnerabilityTaskMitigationType = "unknown" | "update" | "uninstall" | "securityConfiguration"; +export type AssignmentFilterEvaluationResult = + | "unknown" + | "match" + | "notMatch" + | "inconclusive" + | "failure" + | "notEvaluated"; +export type AssignmentFilterManagementType = "devices" | "apps" | "unknownFutureValue"; +export type AssignmentFilterOperator = + | "notSet" + | "equals" + | "notEquals" + | "startsWith" + | "notStartsWith" + | "contains" + | "notContains" + | "in" + | "notIn" + | "endsWith" + | "notEndsWith"; +export type AssignmentFilterPayloadType = "notSet" | "enrollmentRestrictions"; +export type AssignmentMethod = "standard" | "privileged" | "auto"; +export type AssignmentScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type AssignmentScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type AssignmentScheduleRequestFilterByCurrentUserOptions = + | "principal" + | "createdBy" + | "approver" + | "unknownFutureValue"; +export type AssignmentType = "required" | "recommended" | "unknownFutureValue"; +export type AssociatedAssignmentPayloadType = + | "unknown" + | "deviceConfigurationAndCompliance" + | "application" + | "androidEnterpriseApp" + | "enrollmentConfiguration" + | "groupPolicyConfiguration" + | "zeroTouchDeploymentDeviceConfigProfile" + | "androidEnterpriseConfiguration" + | "deviceFirmwareConfigurationInterfacePolicy" + | "resourceAccessPolicy" + | "win32app" + | "deviceManagmentConfigurationAndCompliancePolicy"; +export type AttachmentType = "file" | "item" | "reference"; +export type AttackSimulationOperationType = "createSimualation" | "updateSimulation" | "unknownFutureValue"; +export type AttendeeType = "required" | "optional" | "resource"; +export type AttestationLevel = "attested" | "notAttested" | "unknownFutureValue"; +export type AttributeDefinitionMetadata = + | "BaseAttributeName" + | "ComplexObjectDefinition" + | "IsContainer" + | "IsCustomerDefined" + | "IsDomainQualified" + | "LinkPropertyNames" + | "LinkTypeName" + | "MaximumLength" + | "ReferencedProperty"; +export type AttributeFlowBehavior = "FlowWhenChanged" | "FlowAlways"; +export type AttributeFlowType = "Always" | "ObjectAddOnly" | "MultiValueAddOnly" | "ValueAddOnly" | "AttributeAddOnly"; +export type AttributeMappingSourceType = "Attribute" | "Constant" | "Function"; +export type AttributeType = "String" | "Integer" | "Reference" | "Binary" | "Boolean" | "DateTime"; export type AuthenticationAppAdminConfiguration = "notApplicable" | "enabled" | "disabled" | "unknownFutureValue"; export type AuthenticationAppEvaluation = "success" | "failure" | "unknownFutureValue"; export type AuthenticationAppPolicyStatus = @@ -46,6 +498,12 @@ export type AuthenticationAppPolicyStatus = | "tamperResistantHardwareUsed" | "tamperResistantHardwareNotUsed" | "unknownFutureValue"; +export type AuthenticationAttributeCollectionInputType = + | "text" + | "radioSingleSelect" + | "checkboxMultiSelect" + | "boolean" + | "unknownFutureValue"; export type AuthenticationContextDetail = "required" | "previouslySatisfied" | "notApplicable" | "unknownFutureValue"; export type AuthenticationEventType = "tokenIssuanceStart" | "pageRenderStart" | "unknownFutureValue"; export type AuthenticationMethodFeature = @@ -55,6 +513,52 @@ export type AuthenticationMethodFeature = | "passwordlessCapable" | "mfaCapable" | "unknownFutureValue"; +export type AuthenticationMethodKeyStrength = "normal" | "weak" | "unknown"; +export type AuthenticationMethodModes = + | "password" + | "voice" + | "hardwareOath" + | "softwareOath" + | "sms" + | "fido2" + | "windowsHelloForBusiness" + | "microsoftAuthenticatorPush" + | "deviceBasedPush" + | "temporaryAccessPassOneTime" + | "temporaryAccessPassMultiUse" + | "email" + | "x509CertificateSingleFactor" + | "x509CertificateMultiFactor" + | "federatedSingleFactor" + | "federatedMultiFactor" + | "unknownFutureValue"; +export type AuthenticationMethodPlatform = + | "unknown" + | "windows" + | "macOS" + | "iOS" + | "android" + | "linux" + | "unknownFutureValue"; +export type AuthenticationMethodSignInState = + | "notSupported" + | "notAllowedByPolicy" + | "notEnabled" + | "phoneNumberNotUnique" + | "ready" + | "notConfigured" + | "unknownFutureValue"; +export type AuthenticationMethodsPolicyMigrationState = + | "preMigration" + | "migrationInProgress" + | "migrationComplete" + | "unknownFutureValue"; +export type AuthenticationMethodState = "enabled" | "disabled"; +export type AuthenticationMethodTargetType = "user" | "group" | "unknownFutureValue"; +export type AuthenticationPhoneType = "mobile" | "alternateMobile" | "office" | "unknownFutureValue"; +export type AuthenticationProtocol = "wsFed" | "saml" | "unknownFutureValue"; +export type AuthenticationStrengthPolicyType = "builtIn" | "custom" | "unknownFutureValue"; +export type AuthenticationStrengthRequirements = "none" | "mfa" | "unknownFutureValue"; export type AuthenticationStrengthResult = | "notSet" | "skippedForProofUp" @@ -66,6 +570,13 @@ export type AuthenticationStrengthResult = | "cannotSatisfyDueToCombinationConfiguration" | "cannotSatisfy" | "unknownFutureValue"; +export type AuthenticationTransformConstant = + | "md5_96" + | "sha1_96" + | "sha_256_128" + | "aes128Gcm" + | "aes192Gcm" + | "aes256Gcm"; export type AuthMethodsType = | "email" | "mobileSMS" @@ -80,330 +591,52 @@ export type AuthMethodsType = | "alternateMobilePhone" | "mobilePhoneAndSMS" | "unknownFutureValue"; -export type ClientCredentialType = - | "none" - | "clientSecret" - | "clientAssertion" - | "federatedIdentityCredential" - | "managedIdentity" - | "certificate" - | "unknownFutureValue"; -export type ConditionalAccessConditions = - | "none" - | "application" - | "users" - | "devicePlatform" - | "location" - | "clientType" - | "signInRisk" - | "userRisk" - | "time" - | "deviceState" - | "client" - | "ipAddressSeenByAzureAD" - | "ipAddressSeenByResourceProvider" - | "unknownFutureValue" - | "servicePrincipals" - | "servicePrincipalRisk" - | "authenticationFlows" - | "insiderRisk"; -export type ConditionalAccessRule = - | "allApps" - | "firstPartyApps" - | "office365" - | "appId" - | "acr" - | "appFilter" - | "allUsers" - | "guest" - | "groupId" - | "roleId" - | "userId" - | "allDevicePlatforms" - | "devicePlatform" - | "allLocations" - | "insideCorpnet" - | "allTrustedLocations" - | "locationId" - | "allDevices" - | "deviceFilter" - | "deviceState" - | "unknownFutureValue" - | "deviceFilterIncludeRuleNotMatched" - | "allDeviceStates" - | "anonymizedIPAddress" - | "unfamiliarFeatures" - | "nationStateIPAddress" - | "realTimeThreatIntelligence" - | "internalGuest" - | "b2bCollaborationGuest" - | "b2bCollaborationMember" - | "b2bDirectConnectUser" - | "otherExternalUser" - | "serviceProvider" - | "microsoftAdminPortals" - | "deviceCodeFlow" - | "authenticationTransfer" - | "insiderRisk"; -export type ConditionalAccessStatus = "success" | "failure" | "notApplied" | "unknownFutureValue"; -export type DefaultMfaMethodType = - | "none" - | "mobilePhone" - | "alternateMobilePhone" - | "officePhone" - | "microsoftAuthenticatorPush" - | "softwareOneTimePasscode" - | "unknownFutureValue"; -export type ExpirationRequirement = - | "rememberMultifactorAuthenticationOnTrustedDevices" - | "tenantTokenLifetimePolicy" - | "audienceTokenLifetimePolicy" - | "signInFrequencyPeriodicReauthentication" - | "ngcMfa" - | "signInFrequencyEveryTime" - | "unknownFutureValue"; -export type FeatureType = "registration" | "reset" | "unknownFutureValue"; -export type GroupType = "unifiedGroups" | "azureAD" | "unknownFutureValue"; -export type IncludedUserRoles = "all" | "privilegedAdmin" | "admin" | "user" | "unknownFutureValue"; -export type IncludedUserTypes = "all" | "member" | "guest" | "unknownFutureValue"; -export type IncomingTokenType = - | "none" - | "primaryRefreshToken" - | "saml11" - | "saml20" - | "unknownFutureValue" - | "remoteDesktopToken"; -export type InitiatorType = "user" | "application" | "system" | "unknownFutureValue"; -export type MigrationStatus = "ready" | "needsReview" | "additionalStepsRequired" | "unknownFutureValue"; -export type MsiType = "none" | "userAssigned" | "systemAssigned" | "unknownFutureValue"; -export type NetworkType = - | "intranet" - | "extranet" - | "namedNetwork" - | "trusted" - | "trustedNamedLocation" - | "unknownFutureValue"; -export type OperationResult = "success" | "failure" | "timeout" | "unknownFutureValue"; -export type OriginalTransferMethods = "none" | "deviceCodeFlow" | "authenticationTransfer" | "unknownFutureValue"; -export type OutlierContainerType = "group" | "unknownFutureValue"; -export type OutlierMemberType = "user" | "unknownFutureValue"; -export type ProtocolType = - | "none" - | "oAuth2" - | "ropc" - | "wsFederation" - | "saml20" - | "deviceCode" - | "unknownFutureValue" - | "authenticationTransfer"; -export type ProvisioningAction = - | "other" - | "create" - | "delete" - | "disable" - | "update" - | "stagedDelete" - | "unknownFutureValue"; -export type ProvisioningResult = "success" | "failure" | "skipped" | "warning" | "unknownFutureValue"; -export type ProvisioningStatusErrorCategory = "failure" | "nonServiceFailure" | "success" | "unknownFutureValue"; -export type ProvisioningStepType = - | "import" - | "scoping" - | "matching" - | "processing" - | "referenceResolution" - | "export" - | "unknownFutureValue"; -export type RecommendationCategory = "identityBestPractice" | "identitySecureScore" | "unknownFutureValue"; -export type RecommendationFeatureAreas = - | "users" - | "groups" - | "devices" - | "applications" - | "accessReviews" - | "conditionalAccess" - | "governance" - | "unknownFutureValue"; -export type RecommendationPriority = "low" | "medium" | "high"; -export type RecommendationStatus = - | "active" - | "completedBySystem" - | "completedByUser" - | "dismissed" - | "postponed" - | "unknownFutureValue"; -export type RecommendationType = - | "adfsAppsMigration" - | "enableDesktopSSO" - | "enablePHS" - | "enableProvisioning" - | "switchFromPerUserMFA" - | "tenantMFA" - | "thirdPartyApps" - | "turnOffPerUserMFA" - | "useAuthenticatorApp" - | "useMyApps" - | "staleApps" - | "staleAppCreds" - | "applicationCredentialExpiry" - | "servicePrincipalKeyExpiry" - | "adminMFAV2" - | "blockLegacyAuthentication" - | "integratedApps" - | "mfaRegistrationV2" - | "pwagePolicyNew" - | "passwordHashSync" - | "oneAdmin" - | "roleOverlap" - | "selfServicePasswordReset" - | "signinRiskPolicy" - | "userRiskPolicy" - | "verifyAppPublisher" - | "privateLinkForAAD" - | "appRoleAssignmentsGroups" - | "appRoleAssignmentsUsers" - | "managedIdentity" - | "overprivilegedApps" - | "unknownFutureValue" - | "longLivedCredentials" - | "aadConnectDeprecated" - | "adalToMsalMigration" - | "ownerlessApps" - | "inactiveGuests"; -export type RegistrationAuthMethod = - | "email" - | "mobilePhone" - | "officePhone" - | "securityQuestion" - | "appNotification" - | "appCode" - | "alternateMobilePhone" - | "fido" - | "appPassword" - | "unknownFutureValue"; -export type RegistrationStatusType = "registered" | "enabled" | "capable" | "mfaRegistered" | "unknownFutureValue"; -export type ReleaseType = "preview" | "generallyAvailable" | "unknownFutureValue"; -export type RequirementProvider = - | "user" - | "request" - | "servicePrincipal" - | "v1ConditionalAccess" - | "multiConditionalAccess" - | "tenantSessionRiskPolicy" - | "accountCompromisePolicies" - | "v1ConditionalAccessDependency" - | "v1ConditionalAccessPolicyIdRequested" - | "mfaRegistrationRequiredByIdentityProtectionPolicy" - | "baselineProtection" - | "mfaRegistrationRequiredByBaselineProtection" - | "mfaRegistrationRequiredByMultiConditionalAccess" - | "enforcedForCspAdmins" - | "securityDefaults" - | "mfaRegistrationRequiredBySecurityDefaults" - | "proofUpCodeRequest" - | "crossTenantOutboundRule" - | "gpsLocationCondition" - | "riskBasedPolicy" - | "unknownFutureValue"; -export type RiskDetail = - | "none" - | "adminGeneratedTemporaryPassword" - | "userPerformedSecuredPasswordChange" - | "userPerformedSecuredPasswordReset" - | "adminConfirmedSigninSafe" - | "aiConfirmedSigninSafe" - | "userPassedMFADrivenByRiskBasedPolicy" - | "adminDismissedAllRiskForUser" - | "adminConfirmedSigninCompromised" - | "hidden" - | "adminConfirmedUserCompromised" - | "unknownFutureValue" - | "adminConfirmedServicePrincipalCompromised" - | "adminDismissedAllRiskForServicePrincipal" - | "m365DAdminDismissedDetection"; -export type RiskLevel = "low" | "medium" | "high" | "hidden" | "none" | "unknownFutureValue"; -export type RiskState = - | "none" - | "confirmedSafe" - | "remediated" - | "dismissed" - | "atRisk" - | "confirmedCompromised" - | "unknownFutureValue"; -export type SignInAccessType = - | "none" - | "b2bCollaboration" - | "b2bDirectConnect" - | "microsoftSupport" - | "serviceProvider" - | "unknownFutureValue" - | "passthrough"; -export type SignInIdentifierType = - | "userPrincipalName" - | "phoneNumber" - | "proxyAddress" - | "qrCode" - | "onPremisesUserPrincipalName" - | "unknownFutureValue"; -export type SignInUserType = "member" | "guest" | "unknownFutureValue"; -export type TokenIssuerType = - | "AzureAD" - | "ADFederationServices" - | "UnknownFutureValue" - | "AzureADBackupAuth" - | "ADFederationServicesMFAAdapter" - | "NPSExtension"; -export type TokenProtectionStatus = "none" | "bound" | "unbound" | "unknownFutureValue"; -export type UsageAuthMethod = - | "email" - | "mobileSMS" - | "mobileCall" - | "officePhone" - | "securityQuestion" - | "appNotification" - | "appCode" - | "alternateMobileCall" - | "fido" - | "appPassword" - | "unknownFutureValue"; -export type UserDefaultAuthenticationMethod = - | "push" - | "oath" - | "voiceMobile" - | "voiceAlternateMobile" - | "voiceOffice" - | "sms" - | "none" +export type AuthorizationSystemActionSeverity = "normal" | "high" | "unknownFutureValue"; +export type AuthorizationSystemActionType = "delete" | "read" | "unknownFutureValue"; +export type AuthorizationSystemType = "azure" | "gcp" | "aws" | "unknownFutureValue"; +export type AutoAdmittedUsersType = "everyoneInCompany" | "everyone"; +export type AutomaticRepliesStatus = "disabled" | "alwaysEnabled" | "scheduled"; +export type AutomaticUpdateMode = + | "userDefined" + | "notifyDownload" + | "autoInstallAtMaintenanceTime" + | "autoInstallAndRebootAtMaintenanceTime" + | "autoInstallAndRebootAtScheduledTime" + | "autoInstallAndRebootWithoutEndUserControl" + | "windowsDefault"; +export type AutoRestartNotificationDismissalMethod = "notConfigured" | "automatic" | "user" | "unknownFutureValue"; +export type AwsAccessType = "public" | "restricted" | "crossAccount" | "private" | "unknownFutureValue"; +export type AwsPolicyType = "system" | "custom" | "unknownFutureValue"; +export type AwsRoleTrustEntityType = "none" | "service" | "sso" | "crossAccount" | "webIdentity" | "unknownFutureValue"; +export type AwsRoleType = "system" | "custom" | "unknownFutureValue"; +export type AwsSecretInformationWebServices = + | "secretsManager" + | "certificateAuthority" + | "cloudHsm" + | "certificateManager" | "unknownFutureValue"; -export type AnalyticsActivityType = "Email" | "Meeting" | "Focus" | "Chat" | "Call"; -export type AdvancedConfigState = "default" | "enabled" | "disabled" | "unknownFutureValue"; -export type AuthenticationMethodModes = - | "password" - | "voice" - | "hardwareOath" - | "softwareOath" - | "sms" - | "fido2" - | "windowsHelloForBusiness" - | "microsoftAuthenticatorPush" - | "deviceBasedPush" - | "temporaryAccessPassOneTime" - | "temporaryAccessPassMultiUse" - | "email" - | "x509CertificateSingleFactor" - | "x509CertificateMultiFactor" - | "federatedSingleFactor" - | "federatedMultiFactor" +export type AwsSecurityToolWebServices = + | "macie" + | "wafShield" + | "cloudTrail" + | "inspector" + | "securityHub" + | "detective" + | "guardDuty" | "unknownFutureValue"; -export type AuthenticationMethodsPolicyMigrationState = - | "preMigration" - | "migrationInProgress" - | "migrationComplete" +export type AwsStatementEffect = "allow" | "deny" | "unknownFutureValue"; +export type AzureAccessType = "public" | "private" | "unknownFutureValue"; +export type AzureAttestationSettingStatus = "notApplicable" | "enabled" | "disabled" | "unknownFutureValue"; +export type AzureEncryption = "microsoftStorage" | "microsoftKeyVault" | "customer" | "unknownFutureValue"; +export type AzureRoleDefinitionType = "system" | "custom" | "unknownFutureValue"; +export type B2bIdentityProvidersType = + | "azureActiveDirectory" + | "externalFederation" + | "socialIdentityProviders" + | "emailOneTimePasscode" + | "microsoftAccount" + | "defaultConfiguredIdp" | "unknownFutureValue"; -export type AuthenticationMethodState = "enabled" | "disabled"; -export type AuthenticationMethodTargetType = "user" | "group" | "unknownFutureValue"; -export type AuthenticationStrengthPolicyType = "builtIn" | "custom" | "unknownFutureValue"; -export type AuthenticationStrengthRequirements = "none" | "mfa" | "unknownFutureValue"; export type BaseAuthenticationMethod = | "password" | "voice" @@ -418,47 +651,17 @@ export type BaseAuthenticationMethod = | "x509Certificate" | "federation" | "unknownFutureValue"; -export type ExternalEmailOtpState = "default" | "enabled" | "disabled" | "unknownFutureValue"; -export type FeatureTargetType = "group" | "administrativeUnit" | "role" | "unknownFutureValue"; -export type Fido2RestrictionEnforcementType = "allow" | "block" | "unknownFutureValue"; -export type MicrosoftAuthenticatorAuthenticationMode = "deviceBasedPush" | "push" | "any"; -export type SecurityQuestionType = "predefined" | "custom"; -export type X509CertificateAffinityLevel = "low" | "high" | "unknownFutureValue"; -export type X509CertificateAuthenticationMode = - | "x509CertificateSingleFactor" - | "x509CertificateMultiFactor" - | "unknownFutureValue"; -export type X509CertificateIssuerHintsState = "disabled" | "enabled" | "unknownFutureValue"; -export type X509CertificateRuleType = "issuerSubject" | "policyOID" | "unknownFutureValue" | "issuerSubjectAndPolicyOID"; -export type EntityType = - | "event" - | "message" - | "driveItem" - | "externalItem" - | "site" - | "list" - | "listItem" - | "drive" - | "unknownFutureValue" - | "acronym" - | "bookmark" - | "chatMessage" - | "person" - | "qna"; -export type PhoneType = - | "home" - | "business" - | "mobile" - | "other" - | "assistant" - | "homeFax" - | "businessFax" - | "otherFax" - | "pager" - | "radio"; -export type VolumeType = "operatingSystemVolume" | "fixedDataVolume" | "removableDataVolume" | "unknownFutureValue"; -export type AnswerInputType = "text" | "radioButton" | "unknownFutureValue"; +export type BinaryOperator = "or" | "and"; +export type BitLockerEncryptionMethod = "aesCbc128" | "aesCbc256" | "xtsAes128" | "xtsAes256"; +export type BitLockerRecoveryInformationType = "passwordAndKey" | "passwordOnly"; +export type BitLockerRecoveryPasswordRotationType = + | "notConfigured" + | "disabled" + | "enabledForAzureAd" + | "enabledForAzureAdAndHybrid"; +export type BodyType = "text" | "html"; export type BookingInvoiceStatus = "draft" | "reviewing" | "open" | "canceled" | "paid" | "corrective"; +export type BookingPageAccessControl = "unrestricted" | "restrictedToOrganization" | "unknownFutureValue"; export type BookingPriceType = | "undefined" | "fixedPrice" @@ -470,6 +673,11 @@ export type BookingPriceType = | "notSet"; export type BookingReminderRecipients = "allAttendees" | "staff" | "customer"; export type BookingsAvailabilityStatus = "available" | "busy" | "slotsAvailable" | "outOfOffice" | "unknownFutureValue"; +export type BookingsServiceAvailabilityType = + | "bookWhenStaffAreFree" + | "notBookable" + | "customWeeklyHours" + | "unknownFutureValue"; export type BookingStaffMembershipStatus = "active" | "pendingAcceptance" | "rejectedByStaff" | "unknownFutureValue"; export type BookingStaffRole = | "guest" @@ -479,88 +687,271 @@ export type BookingStaffRole = | "unknownFutureValue" | "scheduler" | "teamMember"; -export type DayOfWeek = "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday"; -export type LocationType = - | "default" - | "conferenceRoom" - | "homeAddress" - | "businessAddress" - | "geoCoordinates" - | "streetAddress" - | "hotel" - | "restaurant" - | "localBusiness" - | "postalAddress"; -export type LocationUniqueIdType = "unknown" | "locationStore" | "directory" | "private" | "bing"; -export type PhysicalAddressType = "unknown" | "home" | "business" | "other"; -export type PlannerRelationshipUserRoles = - | "defaultRules" - | "groupOwners" - | "groupMembers" - | "taskAssignees" - | "applications" +export type BookingType = "unknown" | "standard" | "reserved"; +export type BroadcastMeetingAudience = "roleIsAttendee" | "organization" | "everyone" | "unknownFutureValue"; +export type BrowserSharedCookieSourceEnvironment = + | "microsoftEdge" + | "internetExplorer11" + | "both" | "unknownFutureValue"; -export type PlannerRuleKind = "taskRule" | "bucketRule" | "planRule" | "unknownFutureValue"; -export type PlannerUserRoleKind = "relationship" | "unknownFutureValue"; -export type ActionCapability = "enabled" | "disabled" | "unknownFutureValue"; -export type ActionState = "none" | "pending" | "canceled" | "active" | "done" | "failed" | "notSupported"; -export type AllowedRolePrincipalTypes = "user" | "servicePrincipal" | "group" | "unknownFutureValue"; -export type CloudPcAuditActivityOperationType = "create" | "delete" | "patch" | "other"; -export type CloudPcAuditActivityResult = "success" | "clientError" | "failure" | "timeout" | "other"; -export type CloudPcAuditActorType = "itPro" | "application" | "partner" | "unknown"; -export type CloudPcAuditCategory = "cloudPC" | "other"; -export type CloudPcConnectivityEventResult = "unknown" | "success" | "failure" | "unknownFutureValue"; -export type CloudPcConnectivityEventType = - | "unknown" - | "userConnection" - | "userTroubleshooting" - | "deviceHealthCheck" +export type BrowserSharedCookieStatus = + | "published" + | "pendingAdd" + | "pendingEdit" + | "pendingDelete" | "unknownFutureValue"; -export type CloudPcConnectivityStatus = - | "unknown" - | "available" - | "availableWithWarning" - | "unavailable" +export type BrowserSiteCompatibilityMode = + | "default" + | "internetExplorer8Enterprise" + | "internetExplorer7Enterprise" + | "internetExplorer11" + | "internetExplorer10" + | "internetExplorer9" + | "internetExplorer8" + | "internetExplorer7" + | "internetExplorer5" | "unknownFutureValue"; -export type CloudPcDeviceImageOsStatus = "supported" | "supportedWithWarning" | "unknownFutureValue"; -export type CloudPcDeviceImageStatus = "pending" | "ready" | "failed"; -export type CloudPcDeviceImageStatusDetails = - | "internalServerError" - | "sourceImageNotFound" - | "osVersionNotSupported" - | "sourceImageInvalid" - | "sourceImageNotGeneralized" - | "unknownFutureValue" - | "vmAlreadyAzureAdjoined" - | "paidSourceImageNotSupport" - | "sourceImageNotSupportCustomizeVMName" - | "sourceImageSizeExceedsLimitation"; -export type CloudPcDiskEncryptionState = - | "notAvailable" - | "notEncrypted" - | "encryptedUsingPlatformManagedKey" - | "encryptedUsingCustomerManagedKey" +export type BrowserSiteListStatus = "draft" | "published" | "pending" | "unknownFutureValue"; +export type BrowserSiteMergeType = "noMerge" | "default" | "unknownFutureValue"; +export type BrowserSiteStatus = "published" | "pendingAdd" | "pendingEdit" | "pendingDelete" | "unknownFutureValue"; +export type BrowserSiteTargetEnvironment = + | "internetExplorerMode" + | "internetExplorer11" + | "microsoftEdge" + | "configurable" + | "none" | "unknownFutureValue"; -export type CloudPcDiskEncryptionType = "platformManagedKey" | "customerManagedKey" | "unknownFutureValue"; -export type CloudPcDomainJoinType = "azureADJoin" | "hybridAzureADJoin" | "unknownFutureValue"; -export type CloudPcExportJobStatus = "notStarted" | "inProgress" | "completed" | "failed" | "unknownFutureValue"; -export type CloudPcExternalPartnerStatus = "notAvailable" | "available" | "healthy" | "unhealthy" | "unknownFutureValue"; -export type CloudPcGalleryImageStatus = "supported" | "supportedWithWarning" | "notSupported" | "unknownFutureValue"; -export type CloudPcManagementService = "windows365" | "devBox" | "unknownFutureValue" | "rpaBox"; -export type CloudPcOnPremisesConnectionHealthCheckErrorType = - | "dnsCheckFqdnNotFound" - | "dnsCheckNameWithInvalidCharacter" - | "dnsCheckUnknownError" - | "adJoinCheckFqdnNotFound" - | "adJoinCheckIncorrectCredentials" - | "adJoinCheckOrganizationalUnitNotFound" - | "adJoinCheckOrganizationalUnitIncorrectFormat" - | "adJoinCheckComputerObjectAlreadyExists" - | "adJoinCheckAccessDenied" - | "adJoinCheckCredentialsExpired" - | "adJoinCheckAccountLockedOrDisabled" - | "adJoinCheckAccountQuotaExceeded" - | "adJoinCheckServerNotOperational" +export type BrowserSyncSetting = "notConfigured" | "blockedWithUserOverride" | "blocked"; +export type BucketAggregationSortProperty = "count" | "keyAsString" | "keyAsNumber" | "unknownFutureValue"; +export type CalendarColor = + | "auto" + | "lightBlue" + | "lightGreen" + | "lightOrange" + | "lightGray" + | "lightYellow" + | "lightTeal" + | "lightPink" + | "lightBrown" + | "lightRed" + | "maxColor"; +export type CalendarRoleType = + | "none" + | "freeBusyRead" + | "limitedRead" + | "read" + | "write" + | "delegateWithoutPrivateEventAccess" + | "delegateWithPrivateEventAccess" + | "custom"; +export type CalendarSharingAction = "accept" | "acceptAndViewCalendar" | "viewCalendar" | "addThisCalendar"; +export type CalendarSharingActionImportance = "primary" | "secondary"; +export type CalendarSharingActionType = "accept"; +export type CallDirection = "incoming" | "outgoing"; +export type CallDisposition = "default" | "simultaneousRing" | "forward"; +export type CallEventType = "callStarted" | "callEnded" | "unknownFutureValue" | "rosterUpdated"; +export type CallRecordingStatus = "success" | "failure" | "initial" | "chunkFinished" | "unknownFutureValue"; +export type CallState = + | "incoming" + | "establishing" + | "ringing" + | "established" + | "hold" + | "transferring" + | "transferAccepted" + | "redirecting" + | "terminating" + | "terminated" + | "unknownFutureValue"; +export type CallTranscriptionState = "notStarted" | "active" | "inactive" | "unknownFutureValue"; +export type CampaignStatus = + | "unknown" + | "draft" + | "inProgress" + | "scheduled" + | "completed" + | "failed" + | "cancelled" + | "excluded" + | "deleted" + | "unknownFutureValue"; +export type CategoryColor = + | "none" + | "preset0" + | "preset1" + | "preset2" + | "preset3" + | "preset4" + | "preset5" + | "preset6" + | "preset7" + | "preset8" + | "preset9" + | "preset10" + | "preset11" + | "preset12" + | "preset13" + | "preset14" + | "preset15" + | "preset16" + | "preset17" + | "preset18" + | "preset19" + | "preset20" + | "preset21" + | "preset22" + | "preset23" + | "preset24"; +export type CertificateDestinationStore = + | "computerCertStoreRoot" + | "computerCertStoreIntermediate" + | "userCertStoreIntermediate"; +export type CertificateIssuanceStates = + | "unknown" + | "challengeIssued" + | "challengeIssueFailed" + | "requestCreationFailed" + | "requestSubmitFailed" + | "challengeValidationSucceeded" + | "challengeValidationFailed" + | "issueFailed" + | "issuePending" + | "issued" + | "responseProcessingFailed" + | "responsePending" + | "enrollmentSucceeded" + | "enrollmentNotNeeded" + | "revoked" + | "removedFromCollection" + | "renewVerified" + | "installFailed" + | "installed" + | "deleteFailed" + | "deleted" + | "renewalRequested" + | "requested"; +export type CertificateRevocationStatus = "none" | "pending" | "issued" | "failed" | "revoked"; +export type CertificateStatus = "notProvisioned" | "provisioned"; +export type CertificateStore = "user" | "machine"; +export type CertificateValidityPeriodScale = "days" | "months" | "years"; +export type ChangeType = "created" | "updated" | "deleted"; +export type ChangeUefiSettingsPermission = "notConfiguredOnly" | "none"; +export type ChannelMembershipType = "standard" | "private" | "unknownFutureValue" | "shared"; +export type ChassisType = + | "unknown" + | "desktop" + | "laptop" + | "worksWorkstation" + | "enterpriseServer" + | "phone" + | "tablet" + | "mobileOther" + | "mobileUnknown"; +export type ChatMessageActions = "reactionAdded" | "reactionRemoved" | "actionUndefined" | "unknownFutureValue"; +export type ChatMessageImportance = "normal" | "high" | "urgent"; +export type ChatMessagePolicyViolationDlpActionTypes = "none" | "notifySender" | "blockAccess" | "blockAccessExternal"; +export type ChatMessagePolicyViolationUserActionTypes = "none" | "override" | "reportFalsePositive"; +export type ChatMessagePolicyViolationVerdictDetailsTypes = + | "none" + | "allowFalsePositiveOverride" + | "allowOverrideWithoutJustification" + | "allowOverrideWithJustification"; +export type ChatMessageType = "message" | "chatEvent" | "typing" | "unknownFutureValue" | "systemEventMessage"; +export type ChatType = "oneOnOne" | "group" | "meeting" | "unknownFutureValue"; +export type ChromeOSOnboardingStatus = + | "unknown" + | "inprogress" + | "onboarded" + | "failed" + | "offboarding" + | "unknownFutureValue"; +export type ClassificationMethod = "patternMatch" | "exactDataMatch" | "fingerprint" | "machineLearning"; +export type ClientCredentialType = + | "none" + | "clientSecret" + | "clientAssertion" + | "federatedIdentityCredential" + | "managedIdentity" + | "certificate" + | "unknownFutureValue"; +export type ClonableTeamParts = "apps" | "tabs" | "settings" | "channels" | "members"; +export type CloudAppSecuritySessionControlType = + | "mcasConfigured" + | "monitorOnly" + | "blockDownloads" + | "unknownFutureValue"; +export type CloudPcAuditActivityOperationType = "create" | "delete" | "patch" | "unknownFutureValue"; +export type CloudPcAuditActivityResult = "success" | "clientError" | "failure" | "timeout" | "unknownFutureValue"; +export type CloudPcAuditActorType = "itPro" | "application" | "partner" | "unknownFutureValue"; +export type CloudPcAuditCategory = "cloudPC" | "unknownFutureValue"; +export type CloudPcConnectivityEventResult = "unknown" | "success" | "failure" | "unknownFutureValue"; +export type CloudPcConnectivityEventType = + | "unknown" + | "userConnection" + | "userTroubleshooting" + | "deviceHealthCheck" + | "unknownFutureValue"; +export type CloudPcConnectivityStatus = + | "unknown" + | "available" + | "availableWithWarning" + | "unavailable" + | "unknownFutureValue"; +export type CloudPcDeviceImageErrorCode = + | "internalServerError" + | "sourceImageNotFound" + | "osVersionNotSupported" + | "sourceImageInvalid" + | "sourceImageNotGeneralized" + | "unknownFutureValue" + | "vmAlreadyAzureAdjoined" + | "paidSourceImageNotSupport" + | "sourceImageNotSupportCustomizeVMName" + | "sourceImageSizeExceedsLimitation"; +export type CloudPcDeviceImageOsStatus = "supported" | "supportedWithWarning" | "unknown" | "unknownFutureValue"; +export type CloudPcDeviceImageStatus = "pending" | "ready" | "failed" | "unknownFutureValue"; +export type CloudPcDeviceImageStatusDetails = + | "internalServerError" + | "sourceImageNotFound" + | "osVersionNotSupported" + | "sourceImageInvalid" + | "sourceImageNotGeneralized" + | "unknownFutureValue" + | "vmAlreadyAzureAdjoined" + | "paidSourceImageNotSupport" + | "sourceImageNotSupportCustomizeVMName" + | "sourceImageSizeExceedsLimitation"; +export type CloudPcDisasterRecoveryCapabilityType = "none" | "failover" | "failback" | "unknownFutureValue"; +export type CloudPcDiskEncryptionState = + | "notAvailable" + | "notEncrypted" + | "encryptedUsingPlatformManagedKey" + | "encryptedUsingCustomerManagedKey" + | "unknownFutureValue"; +export type CloudPcDiskEncryptionType = "platformManagedKey" | "customerManagedKey" | "unknownFutureValue"; +export type CloudPcDomainJoinType = "azureADJoin" | "hybridAzureADJoin" | "unknownFutureValue"; +export type CloudPcExportJobStatus = "notStarted" | "inProgress" | "completed" | "failed" | "unknownFutureValue"; +export type CloudPcExternalPartnerStatus = "notAvailable" | "available" | "healthy" | "unhealthy" | "unknownFutureValue"; +export type CloudPcGalleryImageStatus = "supported" | "supportedWithWarning" | "notSupported" | "unknownFutureValue"; +export type CloudPCInaccessibleReportName = + | "inaccessibleCloudPcReports" + | "inaccessibleCloudPcTrendReport" + | "unknownFutureValue"; +export type CloudPcManagementService = "windows365" | "devBox" | "unknownFutureValue" | "rpaBox"; +export type CloudPcOnPremisesConnectionHealthCheckErrorType = + | "dnsCheckFqdnNotFound" + | "dnsCheckNameWithInvalidCharacter" + | "dnsCheckUnknownError" + | "adJoinCheckFqdnNotFound" + | "adJoinCheckIncorrectCredentials" + | "adJoinCheckOrganizationalUnitNotFound" + | "adJoinCheckOrganizationalUnitIncorrectFormat" + | "adJoinCheckComputerObjectAlreadyExists" + | "adJoinCheckAccessDenied" + | "adJoinCheckCredentialsExpired" + | "adJoinCheckAccountLockedOrDisabled" + | "adJoinCheckAccountQuotaExceeded" + | "adJoinCheckServerNotOperational" | "adJoinCheckUnknownError" | "endpointConnectivityCheckCloudPcUrlNotAllowListed" | "endpointConnectivityCheckWVDUrlNotAllowListed" @@ -635,9 +1026,10 @@ export type CloudPcPartnerAgentInstallStatus = | "licensed" | "unknownFutureValue"; export type CloudPcPartnerAgentName = "citrix" | "unknownFutureValue" | "vMware" | "hp"; +export type CloudPCPerformanceReportName = "performanceTrendReport" | "unknownFutureValue"; export type CloudPcPolicySettingType = "region" | "singleSignOn" | "unknownFutureValue"; export type CloudPcPowerState = "running" | "poweredOff" | "unknownFutureValue"; -export type CloudPcProvisioningPolicyImageType = "gallery" | "custom"; +export type CloudPcProvisioningPolicyImageType = "gallery" | "custom" | "unknownFutureValue"; export type CloudPcProvisioningType = "dedicated" | "shared" | "unknownFutureValue"; export type CloudPcRegionGroup = | "default" @@ -689,7 +1081,10 @@ export type CloudPcReportName = | "remoteConnectionQualityReports" | "inaccessibleCloudPcReports" | "rawRemoteConnectionReports" - | "cloudPcUsageCategoryReports"; + | "cloudPcUsageCategoryReports" + | "crossRegionDisasterRecoveryReport" + | "performanceTrendReport" + | "inaccessibleCloudPcTrendReport"; export type CloudPcResizeValidationCode = | "success" | "cloudPcNotFound" @@ -698,6 +1093,14 @@ export type CloudPcResizeValidationCode = | "targetLicenseHasAssigned" | "internalServerError" | "unknownFutureValue"; +export type CloudPcRestorePointFrequencyType = + | "default" + | "fourHours" + | "sixHours" + | "twelveHours" + | "sixteenHours" + | "twentyFourHours" + | "unknownFutureValue"; export type CloudPcServicePlanType = "enterprise" | "business" | "unknownFutureValue"; export type CloudPcSnapshotStatus = "ready" | "unknownFutureValue"; export type CloudPcSnapshotType = "automatic" | "manual" | "unknownFutureValue"; @@ -719,254 +1122,268 @@ export type CloudPcStatus = export type CloudPcSupportedRegionStatus = "available" | "restricted" | "unavailable" | "unknownFutureValue"; export type CloudPcUserAccessLevel = "unrestricted" | "restricted" | "unknownFutureValue"; export type CloudPcUserAccountType = "standardUser" | "administrator" | "unknownFutureValue"; -export type FrontlineCloudPcAccessState = - | "unassigned" - | "noLicensesAvailable" - | "activationFailed" - | "active" - | "activating" - | "standbyMode" - | "unknownFutureValue"; -export type MicrosoftManagedDesktopType = - | "notManaged" - | "premiumManaged" - | "standardManaged" - | "starterManaged" - | "unknownFutureValue"; -export type RestoreTimeRange = "before" | "after" | "beforeOrAfter" | "unknownFutureValue"; -export type ShiftWorkCloudPcAccessState = - | "unassigned" - | "noLicensesAvailable" - | "activationFailed" - | "active" - | "activating" - | "unknownFutureValue" - | "standbyMode"; -export type UsageRightState = "active" | "inactive" | "warning" | "suspended" | "unknownFutureValue"; -export type BodyType = "text" | "html"; -export type DataSubjectType = - | "customer" - | "currentEmployee" - | "formerEmployee" - | "prospectiveEmployee" - | "student" - | "teacher" - | "faculty" - | "other" +export type CoachmarkLocationType = + | "unknown" + | "fromEmail" + | "subject" + | "externalTag" + | "displayName" + | "messageBody" | "unknownFutureValue"; -export type SubjectRightsRequestStage = - | "contentRetrieval" - | "contentReview" - | "generateReport" - | "contentDeletion" - | "caseResolved" - | "contentEstimate" - | "unknownFutureValue" - | "approval"; -export type SubjectRightsRequestStageStatus = "notStarted" | "current" | "completed" | "failed" | "unknownFutureValue"; -export type SubjectRightsRequestStatus = "active" | "closed" | "unknownFutureValue"; -export type SubjectRightsRequestType = "export" | "delete" | "access" | "tagForAction" | "unknownFutureValue"; -export type AuthenticationAttributeCollectionInputType = +export type Code = + | "none" + | "jsonFileInvalid" + | "jsonFileMissing" + | "jsonFileTooLarge" + | "rulesMissing" + | "duplicateRules" + | "tooManyRulesSpecified" + | "operatorMissing" + | "operatorNotSupported" + | "datatypeMissing" + | "datatypeNotSupported" + | "operatorDataTypeCombinationNotSupported" + | "moreInfoUriMissing" + | "moreInfoUriInvalid" + | "moreInfoUriTooLarge" + | "descriptionMissing" + | "descriptionInvalid" + | "descriptionTooLarge" + | "titleMissing" + | "titleInvalid" + | "titleTooLarge" + | "operandMissing" + | "operandInvalid" + | "operandTooLarge" + | "settingNameMissing" + | "settingNameInvalid" + | "settingNameTooLarge" + | "englishLocaleMissing" + | "duplicateLocales" + | "unrecognizedLocale" + | "unknown" + | "remediationStringsMissing"; +export type ColumnTypes = + | "note" | "text" - | "radioSingleSelect" - | "checkboxMultiSelect" - | "boolean" - | "unknownFutureValue"; -export type IdentityProviderState = "enabled" | "disabled" | "unknownFutureValue"; -export type IdentityUserFlowAttributeDataType = - | "string" - | "boolean" - | "int64" - | "stringCollection" + | "choice" + | "multichoice" + | "number" + | "currency" | "dateTime" + | "lookup" + | "boolean" + | "user" + | "url" + | "calculated" + | "location" + | "geolocation" + | "term" + | "multiterm" + | "thumbnail" + | "approvalStatus" | "unknownFutureValue"; -export type IdentityUserFlowAttributeInputType = - | "textBox" - | "dateTimeDropdown" - | "radioSingleSelect" - | "dropdownSingleSelect" - | "emailBox" - | "checkboxMultiSelect"; -export type IdentityUserFlowAttributeType = "builtIn" | "custom" | "required" | "unknownFutureValue"; -export type OpenIdConnectResponseMode = "form_post" | "query" | "unknownFutureValue"; -export type OpenIdConnectResponseTypes = "code" | "id_token" | "token"; -export type UserFlowType = - | "signUp" - | "signIn" - | "signUpOrSignIn" - | "passwordReset" - | "profileUpdate" - | "resourceOwner" +export type ComanagementEligibleType = + | "comanaged" + | "eligible" + | "eligibleButNotAzureAdJoined" + | "needsOsUpdate" + | "ineligible" + | "scheduledForEnrollment" | "unknownFutureValue"; -export type UserType = "member" | "guest" | "unknownFutureValue"; -export type Alignment = "left" | "right" | "center"; -export type ApplicationMode = "manual" | "automatic" | "recommended"; -export type ClassificationMethod = "patternMatch" | "exactDataMatch" | "fingerprint" | "machineLearning"; +export type CommunityPrivacy = "public" | "private" | "unknownFutureValue"; +export type CompanyPortalAction = "unknown" | "remove" | "reset"; +export type ComplianceState = + | "unknown" + | "compliant" + | "noncompliant" + | "conflict" + | "error" + | "inGracePeriod" + | "configManager"; +export type ComplianceStatus = + | "unknown" + | "notApplicable" + | "compliant" + | "remediated" + | "nonCompliant" + | "error" + | "conflict" + | "notAssigned"; export type Component = "Label"; -export type EncryptWith = "template" | "userDefinedRights"; -export type GroupPrivacy = "unspecified" | "public" | "private" | "unknownFutureValue"; -export type LobbyBypassScope = - | "organizer" - | "organization" - | "organizationAndFederated" - | "everyone" - | "unknownFutureValue" - | "invited" - | "organizationExcludingGuests"; -export type MeetingChatMode = "enabled" | "disabled" | "limited" | "unknownFutureValue"; -export type MlClassificationMatchTolerance = "exact" | "near"; -export type OnlineMeetingForwarders = "everyone" | "organizer" | "unknownFutureValue"; -export type OnlineMeetingPresenters = - | "everyone" - | "organization" - | "roleIsPresenter" - | "organizer" +export type ConditionalAccessClientApp = + | "all" + | "browser" + | "mobileAppsAndDesktopClients" + | "exchangeActiveSync" + | "easSupported" + | "other" | "unknownFutureValue"; -export type PageOrientation = "horizontal" | "diagonal"; -export type RestrictionAction = "warn" | "audit" | "block"; -export type RestrictionTrigger = - | "copyPaste" - | "copyToNetworkShare" - | "copyToRemovableMedia" - | "screenCapture" - | "print" - | "cloudEgress" - | "unallowedApps"; -export type RuleMode = "audit" | "auditAndNotify" | "enforce" | "pendingDeletion" | "test"; -export type SensitiveTypeScope = "fullDocument" | "partialDocument"; -export type SensitiveTypeSource = "outOfBox" | "tenant"; -export type SensitivityLabelTarget = "email" | "site" | "unifiedGroup" | "teamwork" | "unknownFutureValue"; -export type SiteAccessType = "block" | "full" | "limited"; -export type MultiFactorAuthConfiguration = "notRequired" | "required" | "unknownFutureValue"; -export type PolicyScope = "none" | "all" | "selected" | "unknownFutureValue"; -export type AllowInvitesFrom = +export type ConditionalAccessConditions = | "none" - | "adminsAndGuestInviters" - | "adminsGuestInvitersAndAllMembers" - | "everyone" - | "unknownFutureValue"; -export type AppCredentialRestrictionType = - | "passwordAddition" - | "passwordLifetime" - | "symmetricKeyAddition" - | "symmetricKeyLifetime" - | "customPasswordAddition" - | "unknownFutureValue"; -export type AppKeyCredentialRestrictionType = - | "asymmetricKeyLifetime" - | "trustedCertificateAuthority" - | "unknownFutureValue"; -export type AuthenticationProtocol = "wsFed" | "saml" | "unknownFutureValue"; -export type B2bIdentityProvidersType = - | "azureActiveDirectory" - | "externalFederation" - | "socialIdentityProviders" - | "emailOneTimePasscode" - | "microsoftAccount" - | "defaultConfiguredIdp" - | "unknownFutureValue"; -export type CrossTenantAccessPolicyTargetConfigurationAccessType = "allowed" | "blocked" | "unknownFutureValue"; -export type CrossTenantAccessPolicyTargetType = "user" | "group" | "application" | "unknownFutureValue"; -export type FederatedIdpMfaBehavior = - | "acceptIfMfaDoneByFederatedIdp" - | "enforceMfaByFederatedIdp" - | "rejectMfaByFederatedIdp" + | "application" + | "users" + | "devicePlatform" + | "location" + | "clientType" + | "signInRisk" + | "userRisk" + | "time" + | "deviceState" + | "client" + | "ipAddressSeenByAzureAD" + | "ipAddressSeenByResourceProvider" + | "unknownFutureValue" + | "servicePrincipals" + | "servicePrincipalRisk" + | "authenticationFlows" + | "insiderRisk"; +export type ConditionalAccessDevicePlatform = + | "android" + | "iOS" + | "windows" + | "windowsPhone" + | "macOS" + | "all" + | "unknownFutureValue" + | "linux"; +export type ConditionalAccessExternalTenantsMembershipKind = "all" | "enumerated" | "unknownFutureValue"; +export type ConditionalAccessGrantControl = + | "block" + | "mfa" + | "compliantDevice" + | "domainJoinedDevice" + | "approvedApplication" + | "compliantApplication" + | "passwordChange" | "unknownFutureValue"; -export type LayoutTemplateType = "default" | "verticalSplit" | "unknownFutureValue"; -export type MultiTenantOrganizationMemberProcessingStatus = - | "notStarted" - | "running" - | "succeeded" - | "failed" +export type ConditionalAccessGuestOrExternalUserTypes = + | "none" + | "internalGuest" + | "b2bCollaborationGuest" + | "b2bCollaborationMember" + | "b2bDirectConnectUser" + | "otherExternalUser" + | "serviceProvider" | "unknownFutureValue"; -export type MultiTenantOrganizationMemberRole = "owner" | "member" | "unknownFutureValue"; -export type MultiTenantOrganizationMemberState = "pending" | "active" | "removed" | "unknownFutureValue"; -export type MultiTenantOrganizationState = "active" | "inactive" | "unknownFutureValue"; -export type MultiTenantOrgLabelType = "none" | "groupName" | "customName" | "unknownFutureValue"; -export type OnPremisesDirectorySynchronizationDeletionPreventionType = - | "disabled" - | "enabledForCount" - | "enabledForPercentage" - | "unknownFutureValue"; -export type PartnerTenantType = - | "microsoftSupport" - | "syndicatePartner" - | "breadthPartner" - | "breadthPartnerDelegatedAdmin" - | "resellerPartnerDelegatedAdmin" - | "valueAddedResellerPartnerDelegatedAdmin" - | "unknownFutureValue"; -export type PermissionClassificationType = "low" | "medium" | "high" | "unknownFutureValue"; -export type PermissionType = "application" | "delegated" | "delegatedUserConsentable"; -export type PromptLoginBehavior = - | "translateToFreshPasswordAuthentication" - | "nativeSupport" - | "disabled" - | "unknownFutureValue"; -export type RootDomains = - | "none" - | "all" - | "allFederated" - | "allManaged" - | "enumerated" - | "allManagedAndEnumeratedFederated" - | "unknownFutureValue"; -export type TemplateApplicationLevel = "none" | "newPartners" | "existingPartners" | "unknownFutureValue"; -export type WeakAlgorithms = "rsaSha1" | "unknownFutureValue"; -export type BrowserSharedCookieSourceEnvironment = - | "microsoftEdge" - | "internetExplorer11" - | "both" - | "unknownFutureValue"; -export type BrowserSharedCookieStatus = - | "published" - | "pendingAdd" - | "pendingEdit" - | "pendingDelete" - | "unknownFutureValue"; -export type BrowserSiteCompatibilityMode = - | "default" - | "internetExplorer8Enterprise" - | "internetExplorer7Enterprise" - | "internetExplorer11" - | "internetExplorer10" - | "internetExplorer9" - | "internetExplorer8" - | "internetExplorer7" - | "internetExplorer5" - | "unknownFutureValue"; -export type BrowserSiteListStatus = "draft" | "published" | "pending" | "unknownFutureValue"; -export type BrowserSiteMergeType = "noMerge" | "default" | "unknownFutureValue"; -export type BrowserSiteStatus = "published" | "pendingAdd" | "pendingEdit" | "pendingDelete" | "unknownFutureValue"; -export type BrowserSiteTargetEnvironment = - | "internetExplorerMode" - | "internetExplorer11" - | "microsoftEdge" - | "configurable" +export type ConditionalAccessInsiderRiskLevels = "minor" | "moderate" | "elevated" | "unknownFutureValue"; +export type ConditionalAccessPolicyState = "enabled" | "disabled" | "enabledForReportingButNotEnforced"; +export type ConditionalAccessRule = + | "allApps" + | "firstPartyApps" + | "office365" + | "appId" + | "acr" + | "appFilter" + | "allUsers" + | "guest" + | "groupId" + | "roleId" + | "userId" + | "allDevicePlatforms" + | "devicePlatform" + | "allLocations" + | "insideCorpnet" + | "allTrustedLocations" + | "locationId" + | "allDevices" + | "deviceFilter" + | "deviceState" + | "unknownFutureValue" + | "deviceFilterIncludeRuleNotMatched" + | "allDeviceStates" + | "anonymizedIPAddress" + | "unfamiliarFeatures" + | "nationStateIPAddress" + | "realTimeThreatIntelligence" + | "internalGuest" + | "b2bCollaborationGuest" + | "b2bCollaborationMember" + | "b2bDirectConnectUser" + | "otherExternalUser" + | "serviceProvider" + | "microsoftAdminPortals" + | "deviceCodeFlow" + | "authenticationTransfer" + | "insiderRisk"; +export type ConditionalAccessStatus = "success" | "failure" | "notApplied" | "unknownFutureValue"; +export type ConditionalAccessTransferMethods = | "none" + | "deviceCodeFlow" + | "authenticationTransfer" | "unknownFutureValue"; -export type EducationAddedStudentAction = "none" | "assignIfOpen" | "unknownFutureValue"; -export type EducationAddToCalendarOptions = - | "none" - | "studentsAndPublisher" - | "studentsAndTeamOwners" - | "unknownFutureValue" - | "studentsOnly"; -export type EducationAssignmentStatus = "draft" | "published" | "assigned" | "unknownFutureValue" | "inactive"; -export type EducationFeedbackResourceOutcomeStatus = - | "notPublished" - | "pendingPublish" - | "published" - | "failedPublish" +export type ConditionalAccessWhatIfReasons = + | "notSet" + | "notEnoughInformation" + | "invalidCondition" + | "users" + | "workloadIdentities" + | "application" + | "userActions" + | "authenticationContext" + | "devicePlatform" + | "devices" + | "clientApps" + | "location" + | "signInRisk" + | "emptyPolicy" + | "invalidPolicy" + | "policyNotEnabled" + | "userRisk" + | "time" + | "insiderRisk" + | "authenticationFlow" | "unknownFutureValue"; -export type EducationModuleStatus = "draft" | "published" | "unknownFutureValue"; -export type EducationSubmissionStatus = - | "working" - | "submitted" - | "released" - | "returned" - | "unknownFutureValue" - | "reassigned"; +export type ConfigurationManagerActionDeliveryStatus = + | "unknown" + | "pendingDelivery" + | "deliveredToConnectorService" + | "failedToDeliverToConnectorService" + | "deliveredToOnPremisesServer"; +export type ConfigurationManagerActionType = + | "refreshMachinePolicy" + | "refreshUserPolicy" + | "wakeUpClient" + | "appEvaluation" + | "quickScan" + | "fullScan" + | "windowsDefenderUpdateSignatures"; +export type ConfigurationManagerClientState = + | "unknown" + | "installed" + | "healthy" + | "installFailed" + | "updateFailed" + | "communicationError"; +export type ConfigurationUsage = "blocked" | "required" | "allowed" | "notConfigured"; +export type ConfirmedBy = "none" | "user" | "manager" | "unknownFutureValue"; +export type ConnectedOrganizationState = "configured" | "proposed" | "unknownFutureValue"; +export type ConnectionDirection = "unknown" | "inbound" | "outbound" | "unknownFutureValue"; +export type ConnectionOperationStatus = "unspecified" | "inprogress" | "completed" | "failed"; +export type ConnectionState = "draft" | "ready" | "obsolete" | "limitExceeded" | "unknownFutureValue"; +export type ConnectionStatus = "unknown" | "attempted" | "succeeded" | "blocked" | "failed" | "unknownFutureValue"; +export type ConnectorGroupRegion = "nam" | "eur" | "aus" | "asia" | "ind" | "unknownFutureValue"; +export type ConnectorGroupType = "applicationProxy"; +export type ConnectorHealthState = "healthy" | "warning" | "unhealthy" | "unknown"; +export type ConnectorName = + | "applePushNotificationServiceExpirationDateTime" + | "vppTokenExpirationDateTime" + | "vppTokenLastSyncDateTime" + | "windowsAutopilotLastSyncDateTime" + | "windowsStoreForBusinessLastSyncDateTime" + | "jamfLastSyncDateTime" + | "ndesConnectorLastConnectionDateTime" + | "appleDepExpirationDateTime" + | "appleDepLastSyncDateTime" + | "onPremConnectorLastSyncDateTime" + | "googlePlayAppLastSyncDateTime" + | "googlePlayConnectorLastModifiedDateTime" + | "windowsDefenderATPConnectorLastHeartbeatDateTime" + | "mobileThreatDefenceConnectorLastHeartbeatDateTime" + | "chromebookLastDirectorySyncDateTime" + | "futureValue"; +export type ConnectorStatus = "active" | "inactive"; +export type ConsentRequestFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; export type ContactRelationship = | "parent" | "relative" @@ -976,826 +1393,594 @@ export type ContactRelationship = | "child" | "other" | "unknownFutureValue"; -export type EducationSynchronizationProfileState = - | "deleting" - | "deletionFailed" - | "provisioningFailed" - | "provisioned" - | "provisioning" +export type ContentAlignment = "left" | "right" | "center"; +export type ContentFormat = "default" | "email"; +export type ContentState = "rest" | "motion" | "use"; +export type ContinuousAccessEvaluationMode = "strictEnforcement" | "disabled" | "unknownFutureValue" | "strictLocation"; +export type CountryLookupMethodType = "clientIpAddress" | "authenticatorAppGps" | "unknownFutureValue"; +export type CourseStatus = "notStarted" | "inProgress" | "completed" | "unknownFutureValue"; +export type CrossTenantAccessPolicyTargetConfigurationAccessType = "allowed" | "blocked" | "unknownFutureValue"; +export type CrossTenantAccessPolicyTargetType = "user" | "group" | "application" | "unknownFutureValue"; +export type CustomExtensionCalloutInstanceStatus = + | "calloutSent" + | "callbackReceived" + | "calloutFailed" + | "callbackTimedOut" + | "waitingForCallback" | "unknownFutureValue"; -export type EducationSynchronizationStatus = - | "paused" - | "inProgress" - | "success" - | "error" - | "validationError" - | "quarantined" - | "unknownFutureValue" - | "extracting" - | "validating"; -export type EducationUserRole = "student" | "teacher" | "none" | "unknownFutureValue" | "faculty"; -export type EducationExternalSource = "sis" | "manual" | "unknownFutureValue" | "lms"; -export type EducationGender = "female" | "male" | "other" | "unknownFutureValue"; -export type WorkbookOperationStatus = "notStarted" | "running" | "succeeded" | "failed"; -export type ActivityDomain = "unknown" | "work" | "personal" | "unrestricted"; -export type AttendeeType = "required" | "optional" | "resource"; -export type FreeBusyStatus = "unknown" | "free" | "tentative" | "busy" | "oof" | "workingElsewhere"; -export type BookingType = "unknown" | "standard" | "reserved"; -export type AttachmentType = "file" | "item" | "reference"; -export type AutomaticRepliesStatus = "disabled" | "alwaysEnabled" | "scheduled"; -export type CalendarColor = - | "auto" - | "lightBlue" - | "lightGreen" - | "lightOrange" - | "lightGray" - | "lightYellow" - | "lightTeal" - | "lightPink" - | "lightBrown" - | "lightRed" - | "maxColor"; -export type CalendarRoleType = +export type DataCollectionStatus = "online" | "offline" | "unknownFutureValue"; +export type DataPolicyOperationStatus = "notStarted" | "running" | "complete" | "failed" | "unknownFutureValue"; +export type DataSubjectType = + | "customer" + | "currentEmployee" + | "formerEmployee" + | "prospectiveEmployee" + | "student" + | "teacher" + | "faculty" + | "other" + | "unknownFutureValue"; +export type DataType = | "none" - | "freeBusyRead" - | "limitedRead" - | "read" - | "write" - | "delegateWithoutPrivateEventAccess" - | "delegateWithPrivateEventAccess" - | "custom"; -export type CalendarSharingAction = "accept" | "acceptAndViewCalendar" | "viewCalendar" | "addThisCalendar"; -export type CalendarSharingActionImportance = "primary" | "secondary"; -export type CalendarSharingActionType = "accept"; -export type CategoryColor = + | "boolean" + | "int64" + | "double" + | "string" + | "dateTime" + | "version" + | "base64" + | "xml" + | "booleanArray" + | "int64Array" + | "doubleArray" + | "stringArray" + | "dateTimeArray" + | "versionArray"; +export type DayOfWeek = "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday"; +export type DecisionItemPrincipalResourceMembershipType = "direct" | "indirect" | "unknownFutureValue"; +export type DefaultMfaMethodType = | "none" - | "preset0" - | "preset1" - | "preset2" - | "preset3" - | "preset4" - | "preset5" - | "preset6" - | "preset7" - | "preset8" - | "preset9" - | "preset10" - | "preset11" - | "preset12" - | "preset13" - | "preset14" - | "preset15" - | "preset16" - | "preset17" - | "preset18" - | "preset19" - | "preset20" - | "preset21" - | "preset22" - | "preset23" - | "preset24"; + | "mobilePhone" + | "alternateMobilePhone" + | "officePhone" + | "microsoftAuthenticatorPush" + | "softwareOneTimePasscode" + | "unknownFutureValue"; +export type DefenderAttackSurfaceType = "userDefined" | "block" | "auditMode" | "warn" | "disable"; +export type DefenderCloudBlockLevelType = "notConfigured" | "high" | "highPlus" | "zeroTolerance"; +export type DefenderMonitorFileActivity = + | "userDefined" + | "disable" + | "monitorAllFiles" + | "monitorIncomingFilesOnly" + | "monitorOutgoingFilesOnly"; +export type DefenderPotentiallyUnwantedAppAction = "deviceDefault" | "block" | "audit"; +export type DefenderPromptForSampleSubmission = + | "userDefined" + | "alwaysPrompt" + | "promptBeforeSendingPersonalData" + | "neverSendData" + | "sendAllDataWithoutPrompting"; +export type DefenderProtectionType = "userDefined" | "enable" | "auditMode" | "warn" | "notConfigured"; +export type DefenderRealtimeScanDirection = "monitorAllFiles" | "monitorIncomingFilesOnly" | "monitorOutgoingFilesOnly"; +export type DefenderScanType = "userDefined" | "disabled" | "quick" | "full"; +export type DefenderSecurityCenterITContactDisplayType = + | "notConfigured" + | "displayInAppAndInNotifications" + | "displayOnlyInApp" + | "displayOnlyInNotifications"; +export type DefenderSecurityCenterNotificationsFromAppType = + | "notConfigured" + | "blockNoncriticalNotifications" + | "blockAllNotifications"; +export type DefenderSubmitSamplesConsentType = + | "sendSafeSamplesAutomatically" + | "alwaysPrompt" + | "neverSend" + | "sendAllSamplesAutomatically"; +export type DefenderThreatAction = + | "deviceDefault" + | "clean" + | "quarantine" + | "remove" + | "allow" + | "userDefined" + | "block"; +export type DelegatedAdminAccessAssignmentStatus = + | "pending" + | "active" + | "deleting" + | "deleted" + | "error" + | "unknownFutureValue"; +export type DelegatedAdminAccessContainerType = "securityGroup" | "unknownFutureValue"; +export type DelegatedAdminRelationshipOperationType = "delegatedAdminAccessAssignmentUpdate" | "unknownFutureValue"; +export type DelegatedAdminRelationshipRequestAction = + | "lockForApproval" + | "approve" + | "terminate" + | "unknownFutureValue" + | "reject"; +export type DelegatedAdminRelationshipRequestStatus = + | "created" + | "pending" + | "succeeded" + | "failed" + | "unknownFutureValue"; +export type DelegatedAdminRelationshipStatus = + | "activating" + | "active" + | "approvalPending" + | "approved" + | "created" + | "expired" + | "expiring" + | "terminated" + | "terminating" + | "terminationRequested" + | "unknownFutureValue"; export type DelegateMeetingMessageDeliveryOptions = | "sendToDelegateAndInformationToPrincipal" | "sendToDelegateAndPrincipal" | "sendToDelegateOnly"; -export type EmailType = "unknown" | "work" | "personal" | "main" | "other"; -export type EventType = "singleInstance" | "occurrence" | "exception" | "seriesMaster"; -export type ExchangeIdFormat = "entryId" | "ewsId" | "immutableEntryId" | "restId" | "restImmutableEntryId"; -export type ExternalAudienceScope = "none" | "contactsOnly" | "all"; -export type FollowupFlagStatus = "notFlagged" | "complete" | "flagged"; -export type GroupAccessType = "none" | "private" | "secret" | "public"; -export type Importance = "low" | "normal" | "high"; -export type InferenceClassificationType = "focused" | "other"; -export type MailboxRecipientType = "unknown" | "user" | "linked" | "shared" | "room" | "equipment" | "others"; -export type MailTipsType = - | "automaticReplies" - | "mailboxFullStatus" - | "customMailTip" - | "externalMemberCount" - | "totalMemberCount" - | "maxMessageSize" - | "deliveryRestriction" - | "moderationStatus" - | "recipientScope" - | "recipientSuggestions"; -export type MeetingMessageType = - | "none" - | "meetingRequest" - | "meetingCancelled" - | "meetingAccepted" - | "meetingTentativelyAccepted" - | "meetingDeclined"; -export type MessageActionFlag = - | "any" - | "call" - | "doNotForward" - | "followUp" - | "fyi" - | "forward" - | "noResponseNecessary" - | "read" - | "reply" - | "replyToAll" - | "review"; -export type OnlineMeetingProviderType = "unknown" | "skypeForBusiness" | "skypeForConsumer" | "teamsForBusiness"; -export type RecipientScopeType = "none" | "internal" | "external" | "externalPartner" | "externalNonPartner"; -export type RecurrencePatternType = - | "daily" - | "weekly" - | "absoluteMonthly" - | "relativeMonthly" - | "absoluteYearly" - | "relativeYearly"; -export type RecurrenceRangeType = "endDate" | "noEnd" | "numbered"; -export type ReferenceAttachmentPermission = - | "other" - | "view" - | "edit" - | "anonymousView" - | "anonymousEdit" - | "organizationView" - | "organizationEdit"; -export type ReferenceAttachmentProvider = "other" | "oneDriveBusiness" | "oneDriveConsumer" | "dropbox"; -export type ResponseType = "none" | "organizer" | "tentativelyAccepted" | "accepted" | "declined" | "notResponded"; -export type Sensitivity = "normal" | "personal" | "private" | "confidential"; -export type TaskStatus = "notStarted" | "inProgress" | "completed" | "waitingOnOthers" | "deferred"; -export type TimeZoneStandard = "windows" | "iana"; -export type UserPurpose = +export type DeliveryOptimizationGroupIdOptionsType = + | "notConfigured" + | "adSite" + | "authenticatedDomainSid" + | "dhcpUserOption" + | "dnsSuffix"; +export type DeliveryOptimizationRestrictPeerSelectionByOptions = "notConfigured" | "subnetMask"; +export type DepTokenType = "none" | "dep" | "appleSchoolManager"; +export type DerivedCredentialProviderType = "notConfigured" | "entrustDataCard" | "purebred" | "xTec" | "intercede"; +export type DetectedAppPlatformType = | "unknown" - | "user" - | "linked" - | "shared" - | "room" - | "equipment" - | "others" + | "windows" + | "windowsMobile" + | "windowsHolographic" + | "ios" + | "macOS" + | "chromeOS" + | "androidOSP" + | "androidDeviceAdministrator" + | "androidWorkProfile" + | "androidDedicatedAndFullyManaged" | "unknownFutureValue"; -export type WebsiteType = "other" | "home" | "work" | "blog" | "profile"; -export type WeekIndex = "first" | "second" | "third" | "fourth" | "last"; -export type ImageTaggingChoice = "disabled" | "basic" | "enhanced" | "unknownFutureValue"; -export type SharingCapabilities = - | "disabled" - | "externalUserSharingOnly" - | "externalUserAndGuestSharing" - | "existingExternalUserSharingOnly" +export type DeviceAndAppManagementAssignmentFilterType = "none" | "include" | "exclude"; +export type DeviceAndAppManagementAssignmentSource = "direct" | "policySets"; +export type DeviceAppManagementTaskCategory = "unknown" | "advancedThreatProtection"; +export type DeviceAppManagementTaskPriority = "none" | "high" | "low"; +export type DeviceAppManagementTaskStatus = "unknown" | "pending" | "active" | "completed" | "rejected"; +export type DeviceCleanupRulePlatformType = + | "all" + | "androidAOSP" + | "androidDeviceAdministrator" + | "androidDedicatedAndFullyManagedCorporateOwnedWorkProfile" + | "chromeOS" + | "androidPersonallyOwnedWorkProfile" + | "ios" + | "macOS" + | "windows" + | "windowsHolographic" | "unknownFutureValue"; -export type SharingDomainRestrictionMode = "none" | "allowList" | "blockList" | "unknownFutureValue"; -export type ColumnTypes = - | "note" - | "text" - | "choice" - | "multichoice" - | "number" - | "currency" - | "dateTime" - | "lookup" +export type DeviceComplianceActionType = + | "noAction" + | "notification" + | "block" + | "retire" + | "wipe" + | "removeResourceAccessProfiles" + | "pushNotification" + | "remoteLock"; +export type DeviceComplianceScriptRuleDataType = + | "none" | "boolean" - | "user" - | "url" - | "calculated" - | "location" - | "geolocation" - | "term" - | "multiterm" - | "thumbnail" - | "approvalStatus" - | "unknownFutureValue"; -export type DriveItemSourceApplication = - | "teams" - | "yammer" - | "sharePoint" - | "oneDrive" - | "stream" - | "powerPoint" - | "office" - | "unknownFutureValue"; -export type HorizontalSectionLayoutType = + | "int64" + | "double" + | "string" + | "dateTime" + | "version" + | "base64" + | "xml" + | "booleanArray" + | "int64Array" + | "doubleArray" + | "stringArray" + | "dateTimeArray" + | "versionArray"; +export type DeviceComplianceScriptRulesValidationError = | "none" - | "oneColumn" - | "twoColumns" - | "threeColumns" - | "oneThirdLeftColumn" - | "oneThirdRightColumn" - | "fullWidth" - | "unknownFutureValue"; -export type LongRunningOperationStatus = "notStarted" | "running" | "succeeded" | "failed" | "unknownFutureValue"; -export type MediaSourceContentCategory = - | "meeting" - | "liveStream" - | "presentation" - | "screenRecording" - | "unknownFutureValue"; -export type PageLayoutType = "microsoftReserved" | "article" | "home" | "unknownFutureValue"; -export type PagePromotionType = "microsoftReserved" | "page" | "newsPost" | "unknownFutureValue"; -export type SectionEmphasisType = "none" | "neutral" | "soft" | "strong" | "unknownFutureValue"; -export type SensitivityLabelAssignmentMethod = "standard" | "privileged" | "auto" | "unknownFutureValue"; -export type TitleAreaLayoutType = "imageAndTitle" | "plain" | "colorBlock" | "overlap" | "unknownFutureValue"; -export type TitleAreaTextAlignmentType = "left" | "center" | "unknownFutureValue"; -export type RemindBeforeTimeInMinutesType = "mins15" | "unknownFutureValue"; -export type VirtualAppointmentSmsType = "confirmation" | "reschedule" | "cancellation" | "unknownFutureValue"; -export type MessageEventType = - | "received" - | "sent" - | "delivered" - | "failed" - | "processingFailed" - | "distributionGroupExpanded" - | "submitted" - | "delayed" - | "redirected" - | "resolved" - | "dropped" - | "recipientsAdded" - | "malwareDetected" - | "malwareDetectedInMessage" - | "malwareDetectedInAttachment" - | "ttZapped" - | "ttDelivered" - | "spamDetected" - | "transportRuleTriggered" - | "dlpRuleTriggered" - | "journaled" - | "unknownFutureValue"; -export type MessageStatus = - | "gettingStatus" - | "pending" - | "failed" - | "delivered" - | "expanded" - | "quarantined" - | "filteredAsSpam" - | "unknownFutureValue"; -export type AgentStatus = "active" | "inactive"; -export type ConnectorGroupRegion = "nam" | "eur" | "aus" | "asia" | "ind" | "unknownFutureValue"; -export type ConnectorGroupType = "applicationProxy"; -export type ConnectorStatus = "active" | "inactive"; -export type ExternalAuthenticationType = "passthru" | "aadPreAuthentication"; -export type KerberosSignOnMappingAttributeType = - | "userPrincipalName" - | "onPremisesUserPrincipalName" - | "userPrincipalUsername" - | "onPremisesUserPrincipalUsername" - | "onPremisesSAMAccountName"; -export type OnPremisesPublishingType = - | "applicationProxy" - | "exchangeOnline" + | "jsonFileInvalid" + | "jsonFileMissing" + | "jsonFileTooLarge" + | "rulesMissing" + | "duplicateRules" + | "tooManyRulesSpecified" + | "operatorMissing" + | "operatorNotSupported" + | "datatypeMissing" + | "datatypeNotSupported" + | "operatorDataTypeCombinationNotSupported" + | "moreInfoUriMissing" + | "moreInfoUriInvalid" + | "moreInfoUriTooLarge" + | "descriptionMissing" + | "descriptionInvalid" + | "descriptionTooLarge" + | "titleMissing" + | "titleInvalid" + | "titleTooLarge" + | "operandMissing" + | "operandInvalid" + | "operandTooLarge" + | "settingNameMissing" + | "settingNameInvalid" + | "settingNameTooLarge" + | "englishLocaleMissing" + | "duplicateLocales" + | "unrecognizedLocale" + | "unknown" + | "remediationStringsMissing"; +export type DeviceComplianceScriptRulOperator = + | "none" + | "and" + | "or" + | "isEquals" + | "notEquals" + | "greaterThan" + | "lessThan" + | "between" + | "notBetween" + | "greaterEquals" + | "lessEquals" + | "dayTimeBetween" + | "beginsWith" + | "notBeginsWith" + | "endsWith" + | "notEndsWith" + | "contains" + | "notContains" + | "allOf" + | "oneOf" + | "noneOf" + | "setEquals" + | "orderedSetEquals" + | "subsetOf" + | "excludesAll"; +export type DeviceConfigAssignmentIntent = "apply" | "remove"; +export type DeviceCustomAttributeValueType = "integer" | "string" | "dateTime"; +export type DeviceEnrollmentConfigurationType = + | "unknown" + | "limit" + | "platformRestrictions" + | "windowsHelloForBusiness" + | "defaultLimit" + | "defaultPlatformRestrictions" + | "defaultWindowsHelloForBusiness" + | "defaultWindows10EnrollmentCompletionPageConfiguration" + | "windows10EnrollmentCompletionPageConfiguration" + | "deviceComanagementAuthorityConfiguration" + | "singlePlatformRestriction" + | "unknownFutureValue" + | "enrollmentNotificationsConfiguration"; +export type DeviceEnrollmentFailureReason = + | "unknown" | "authentication" - | "provisioning" - | "intunePfx" - | "oflineDomainJoin" - | "unknownFutureValue"; -export type PrivateNetworkDestinationType = - | "ipAddress" - | "ipRange" - | "ipRangeCidr" - | "fqdn" - | "dnsSuffix" - | "unknownFutureValue"; -export type PrivateNetworkProtocol = "tcp" | "udp" | "unknownFutureValue"; -export type SingleSignOnMode = + | "authorization" + | "accountValidation" + | "userValidation" + | "deviceNotSupported" + | "inMaintenance" + | "badRequest" + | "featureNotSupported" + | "enrollmentRestrictionsEnforced" + | "clientDisconnected" + | "userAbandonment"; +export type DeviceEnrollmentType = + | "unknown" + | "userEnrollment" + | "deviceEnrollmentManager" + | "appleBulkWithUser" + | "appleBulkWithoutUser" + | "windowsAzureADJoin" + | "windowsBulkUserless" + | "windowsAutoEnrollment" + | "windowsBulkAzureDomainJoin" + | "windowsCoManagement" + | "windowsAzureADJoinUsingDeviceAuth" + | "appleUserEnrollment" + | "appleUserEnrollmentWithServiceAccount" + | "azureAdJoinUsingAzureVmExtension" + | "androidEnterpriseDedicatedDevice" + | "androidEnterpriseFullyManaged" + | "androidEnterpriseCorporateWorkProfile" + | "androidAOSPUserOwnedDeviceEnrollment" + | "androidAOSPUserlessDeviceEnrollment"; +export type DeviceEventLevel = | "none" - | "onPremisesKerberos" - | "saml" - | "pingHeaderBased" - | "aadHeaderBased" - | "oAuthToken" + | "verbose" + | "information" + | "warning" + | "error" + | "critical" | "unknownFutureValue"; -export type StagedFeatureName = - | "passthroughAuthentication" - | "seamlessSso" - | "passwordHashSync" - | "emailAsAlternateId" - | "unknownFutureValue" - | "certificateBasedAuthentication"; -export type MembershipRuleProcessingStatusDetails = - | "NotStarted" - | "Running" - | "Failed" - | "Succeeded" - | "UnsupportedFutureValue"; -export type AttributeDefinitionMetadata = - | "BaseAttributeName" - | "ComplexObjectDefinition" - | "IsContainer" - | "IsCustomerDefined" - | "IsDomainQualified" - | "LinkPropertyNames" - | "LinkTypeName" - | "MaximumLength" - | "ReferencedProperty"; -export type AttributeFlowBehavior = "FlowWhenChanged" | "FlowAlways"; -export type AttributeFlowType = "Always" | "ObjectAddOnly" | "MultiValueAddOnly" | "ValueAddOnly" | "AttributeAddOnly"; -export type AttributeMappingSourceType = "Attribute" | "Constant" | "Function"; -export type AttributeType = "String" | "Integer" | "Reference" | "Binary" | "Boolean" | "DateTime"; -export type DirectoryDefinitionDiscoverabilities = - | "None" - | "AttributeNames" - | "AttributeDataTypes" - | "AttributeReadOnly" - | "ReferenceAttributes" - | "UnknownFutureValue"; -export type EntryExportStatus = "Noop" | "Success" | "RetryableError" | "PermanentError" | "Error"; -export type EntrySyncOperation = "None" | "Add" | "Delete" | "Update"; -export type EscrowBehavior = "Default" | "IgnoreLookupReferenceResolutionFailure"; -export type Mutability = "ReadWrite" | "ReadOnly" | "Immutable" | "WriteOnly"; -export type ObjectDefinitionMetadata = - | "PropertyNameAccountEnabled" - | "PropertyNameSoftDeleted" - | "IsSoftDeletionSupported" - | "IsSynchronizeAllSupported" - | "ConnectorDataStorageRequired" - | "Extensions" - | "BaseObjectName"; -export type ObjectFlowTypes = "None" | "Add" | "Update" | "Delete"; -export type ObjectMappingMetadata = - | "EscrowBehavior" - | "DisableMonitoringForChanges" - | "OriginalJoiningProperty" - | "Disposition" - | "IsCustomerDefined" - | "ExcludeFromReporting" - | "Unsynchronized"; -export type QuarantineReason = - | "EncounteredBaseEscrowThreshold" - | "EncounteredTotalEscrowThreshold" - | "EncounteredEscrowProportionThreshold" - | "EncounteredQuarantineException" - | "Unknown" - | "QuarantinedOnDemand" - | "TooManyDeletes" - | "IngestionInterrupted"; -export type ScopeOperatorMultiValuedComparisonType = "All" | "Any"; -export type ScopeOperatorType = "Binary" | "Unary"; -export type SynchronizationDisposition = "Normal" | "Discard" | "Escrow"; -export type SynchronizationJobRestartScope = - | "None" - | "ConnectorDataStore" - | "Escrows" - | "Watermark" - | "QuarantineState" - | "Full" - | "ForceDeletes"; -export type SynchronizationMetadata = - | "galleryApplicationIdentifier" - | "galleryApplicationKey" - | "isOAuthEnabled" - | "IsSynchronizationAgentAssignmentRequired" - | "isSynchronizationAgentRequired" - | "isSynchronizationInPreview" - | "oAuthSettings" - | "synchronizationLearnMoreIbizaFwLink" - | "configurationFields"; -export type SynchronizationScheduleState = "Active" | "Disabled" | "Paused"; -export type SynchronizationSecret = - | "None" - | "UserName" - | "Password" - | "SecretToken" - | "AppKey" - | "BaseAddress" - | "ClientIdentifier" - | "ClientSecret" - | "SingleSignOnType" - | "Sandbox" - | "Url" - | "Domain" - | "ConsumerKey" - | "ConsumerSecret" - | "TokenKey" - | "TokenExpiration" - | "Oauth2AccessToken" - | "Oauth2AccessTokenCreationTime" - | "Oauth2RefreshToken" - | "SyncAll" - | "InstanceName" - | "Oauth2ClientId" - | "Oauth2ClientSecret" - | "CompanyId" - | "UpdateKeyOnSoftDelete" - | "SynchronizationSchedule" - | "SystemOfRecord" - | "SandboxName" - | "EnforceDomain" - | "SyncNotificationSettings" - | "SkipOutOfScopeDeletions" - | "Oauth2AuthorizationCode" - | "Oauth2RedirectUri" - | "ApplicationTemplateIdentifier" - | "Oauth2TokenExchangeUri" - | "Oauth2AuthorizationUri" - | "AuthenticationType" - | "Server" - | "PerformInboundEntitlementGrants" - | "HardDeletesEnabled" - | "SyncAgentCompatibilityKey" - | "SyncAgentADContainer" - | "ValidateDomain" - | "TestReferences" - | "ConnectionString"; -export type SynchronizationStatusCode = "NotConfigured" | "NotRun" | "Active" | "Paused" | "Quarantine"; -export type SynchronizationTaskExecutionResult = "Succeeded" | "Failed" | "EntryLevelErrors"; -export type AccessReviewHistoryDecisionFilter = - | "approve" - | "deny" - | "notReviewed" - | "dontKnow" - | "notNotified" +export type DeviceGuardLocalSystemAuthorityCredentialGuardState = + | "running" + | "rebootRequired" + | "notLicensed" + | "notConfigured" + | "virtualizationBasedSecurityNotRunning"; +export type DeviceGuardLocalSystemAuthorityCredentialGuardType = + | "notConfigured" + | "enableWithUEFILock" + | "enableWithoutUEFILock" + | "disable"; +export type DeviceGuardVirtualizationBasedSecurityHardwareRequirementState = + | "meetHardwareRequirements" + | "secureBootRequired" + | "dmaProtectionRequired" + | "hyperVNotSupportedForGuestVM" + | "hyperVNotAvailable"; +export type DeviceGuardVirtualizationBasedSecurityState = + | "running" + | "rebootRequired" + | "require64BitArchitecture" + | "notLicensed" + | "notConfigured" + | "doesNotMeetHardwareRequirements" + | "other"; +export type DeviceHealthScriptType = "deviceHealthScript" | "managedInstallerScript"; +export type DeviceIdentityAttestationStatus = + | "unknown" + | "trusted" + | "unTrusted" + | "notSupported" + | "incompleteData" | "unknownFutureValue"; -export type AccessReviewHistoryStatus = "done" | "inprogress" | "error" | "requested" | "unknownFutureValue"; -export type AccessReviewInstanceDecisionItemFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; -export type AccessReviewInstanceFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; -export type AccessReviewScheduleDefinitionFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; -export type AccessReviewStageFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; -export type ApprovalFilterByCurrentUserOptions = "target" | "createdBy" | "approver" | "unknownFutureValue"; -export type ConsentRequestFilterByCurrentUserOptions = "reviewer" | "unknownFutureValue"; -export type DecisionItemPrincipalResourceMembershipType = "direct" | "indirect" | "unknownFutureValue"; -export type UserSignInRecommendationScope = "tenant" | "application" | "unknownFutureValue"; -export type AgreementAcceptanceState = "accepted" | "declined" | "unknownFutureValue"; -export type ActivityType = "signin" | "user" | "unknownFutureValue" | "servicePrincipal"; -export type CloudAppSecuritySessionControlType = - | "mcasConfigured" - | "monitorOnly" - | "blockDownloads" +export type DeviceLicensingStatus = + | "unknown" + | "licenseRefreshStarted" + | "licenseRefreshPending" + | "deviceIsNotAzureActiveDirectoryJoined" + | "verifyingMicrosoftDeviceIdentity" + | "deviceIdentityVerificationFailed" + | "verifyingMicrosoftAccountIdentity" + | "microsoftAccountVerificationFailed" + | "acquiringDeviceLicense" + | "refreshingDeviceLicense" + | "deviceLicenseRefreshSucceed" + | "deviceLicenseRefreshFailed" + | "removingDeviceLicense" + | "deviceLicenseRemoveSucceed" + | "deviceLicenseRemoveFailed" | "unknownFutureValue"; -export type ConditionalAccessClientApp = - | "all" - | "browser" - | "mobileAppsAndDesktopClients" - | "exchangeActiveSync" - | "easSupported" - | "other" +export type DeviceLogCollectionTemplateType = "predefined" | "unknownFutureValue"; +export type DeviceManagementApplicabilityRuleType = "include" | "exclude"; +export type DeviceManagementAutopilotPolicyComplianceStatus = + | "unknown" + | "compliant" + | "installed" + | "notCompliant" + | "notInstalled" + | "error"; +export type DeviceManagementAutopilotPolicyType = "unknown" | "application" | "appModel" | "configurationPolicy"; +export type DeviceManagementCertificationAuthority = "notConfigured" | "microsoft" | "digiCert"; +export type DeviceManagementComparisonResult = "unknown" | "equal" | "notEqual" | "added" | "removed"; +export type DeviceManagementComplianceActionType = + | "noAction" + | "notification" + | "block" + | "retire" + | "wipe" + | "removeResourceAccessProfiles" + | "pushNotification" + | "remoteLock"; +export type DeviceManagementConfigurationAzureAdTrustType = "none" | "azureAdJoined" | "addWorkAccount" | "mdmOnly"; +export type DeviceManagementConfigurationControlType = + | "default" + | "dropdown" + | "smallTextBox" + | "largeTextBox" + | "toggle" + | "multiheaderGrid" + | "contextPane" | "unknownFutureValue"; -export type ConditionalAccessDevicePlatform = +export type DeviceManagementConfigurationDeviceMode = "none" | "kiosk"; +export type DeviceManagementConfigurationJustInTimeAssignmentPolicyType = + | "unknown" + | "entraSecurityGroup" + | "organizationalUnit" + | "unknownFutureValue"; +export type DeviceManagementConfigurationPlatforms = + | "none" | "android" | "iOS" - | "windows" - | "windowsPhone" | "macOS" - | "all" - | "unknownFutureValue" - | "linux"; -export type ConditionalAccessExternalTenantsMembershipKind = "all" | "enumerated" | "unknownFutureValue"; -export type ConditionalAccessGrantControl = - | "block" - | "mfa" - | "compliantDevice" - | "domainJoinedDevice" - | "approvedApplication" - | "compliantApplication" - | "passwordChange" + | "windows10X" + | "windows10" + | "linux" | "unknownFutureValue"; -export type ConditionalAccessGuestOrExternalUserTypes = +export type DeviceManagementConfigurationSecretSettingValueState = "invalid" | "notEncrypted" | "encryptedValueToken"; +export type DeviceManagementConfigurationSettingAccessTypes = | "none" - | "internalGuest" - | "b2bCollaborationGuest" - | "b2bCollaborationMember" - | "b2bDirectConnectUser" - | "otherExternalUser" - | "serviceProvider" + | "add" + | "copy" + | "delete" + | "get" + | "replace" + | "execute"; +export type DeviceManagementConfigurationSettingUsage = "none" | "configuration" | "compliance" | "unknownFutureValue"; +export type DeviceManagementConfigurationSettingVisibility = + | "none" + | "settingsCatalog" + | "template" | "unknownFutureValue"; -export type ConditionalAccessPolicyState = "enabled" | "disabled" | "enabledForReportingButNotEnforced"; -export type ContinuousAccessEvaluationMode = "strictEnforcement" | "disabled" | "unknownFutureValue" | "strictLocation"; -export type CountryLookupMethodType = "clientIpAddress" | "authenticatorAppGps" | "unknownFutureValue"; -export type FilterMode = "include" | "exclude"; -export type PersistentBrowserSessionMode = "always" | "never"; -export type RiskDetectionTimingType = "notDefined" | "realtime" | "nearRealtime" | "offline" | "unknownFutureValue"; -export type RiskEventType = - | "unlikelyTravel" - | "anonymizedIPAddress" - | "maliciousIPAddress" - | "unfamiliarFeatures" - | "malwareInfectedIPAddress" - | "suspiciousIPAddress" - | "leakedCredentials" - | "investigationsThreatIntelligence" - | "generic" - | "adminConfirmedUserCompromised" - | "mcasImpossibleTravel" - | "mcasSuspiciousInboxManipulationRules" - | "investigationsThreatIntelligenceSigninLinked" - | "maliciousIPAddressValidCredentialsBlockedIP" - | "unknownFutureValue"; -export type SignInFrequencyAuthenticationType = - | "primaryAndSecondaryAuthentication" - | "secondaryAuthentication" - | "unknownFutureValue"; -export type SignInFrequencyInterval = "timeBased" | "everyTime" | "unknownFutureValue"; -export type SigninFrequencyType = "days" | "hours"; -export type TemplateScenarios = - | "new" - | "secureFoundation" - | "zeroTrust" - | "remoteWork" - | "protectAdmins" - | "emergingThreats" - | "unknownFutureValue"; -export type AccessPackageAssignmentFilterByCurrentUserOptions = "target" | "createdBy" | "unknownFutureValue"; -export type AccessPackageAssignmentRequestFilterByCurrentUserOptions = - | "target" - | "createdBy" - | "approver" - | "unknownFutureValue"; -export type AccessPackageCustomExtensionHandlerStatus = "requestSent" | "requestReceived" | "unknownFutureValue"; -export type AccessPackageCustomExtensionStage = - | "assignmentRequestCreated" - | "assignmentRequestApproved" - | "assignmentRequestGranted" - | "assignmentRequestRemoved" - | "assignmentFourteenDaysBeforeExpiration" - | "assignmentOneDayBeforeExpiration" - | "unknownFutureValue"; -export type AccessPackageFilterByCurrentUserOptions = "allowedRequestor" | "unknownFutureValue"; -export type AccessPackageSubjectLifecycle = "notDefined" | "notGoverned" | "governed" | "unknownFutureValue"; -export type AccessReviewTimeoutBehavior = - | "keepAccess" - | "removeAccess" - | "acceptAccessRecommendation" - | "unknownFutureValue"; -export type CustomExtensionCalloutInstanceStatus = - | "calloutSent" - | "callbackReceived" - | "calloutFailed" - | "callbackTimedOut" - | "waitingForCallback" - | "unknownFutureValue"; -export type ExpirationPatternType = "notSpecified" | "noExpiration" | "afterDateTime" | "afterDuration"; -export type VerifiableCredentialPresentationStatusCode = - | "request_retrieved" - | "presentation_verified" +export type DeviceManagementConfigurationStringFormat = + | "none" + | "email" + | "guid" + | "ip" + | "base64" + | "url" + | "version" + | "xml" + | "date" + | "time" + | "binary" + | "regEx" + | "json" + | "dateTime" + | "surfaceHub" + | "bashScript" | "unknownFutureValue"; -export type ConnectedOrganizationState = "configured" | "proposed" | "unknownFutureValue"; -export type ActionSource = "manual" | "automatic" | "recommended" | "default"; -export type AssignmentMethod = "standard" | "privileged" | "auto"; -export type ContentAlignment = "left" | "right" | "center"; -export type ContentFormat = "default" | "email"; -export type ContentState = "rest" | "motion" | "use"; -export type WatermarkLayout = "horizontal" | "diagonal"; -export type AndroidDeviceOwnerEnrollmentMode = - | "corporateOwnedDedicatedDevice" - | "corporateOwnedFullyManaged" - | "corporateOwnedWorkProfile" - | "corporateOwnedAOSPUserlessDevice" - | "corporateOwnedAOSPUserAssociatedDevice"; -export type AndroidDeviceOwnerEnrollmentTokenType = - | "default" - | "corporateOwnedDedicatedDeviceWithAzureADSharedMode" - | "deviceStaging"; -export type AndroidForWorkAppConfigurationSchemaItemDataType = - | "bool" - | "integer" - | "string" - | "choice" - | "multiselect" - | "bundle" - | "bundleArray" - | "hidden"; -export type AndroidForWorkBindStatus = "notBound" | "bound" | "boundAndValidated" | "unbinding"; -export type AndroidForWorkEnrollmentTarget = "none" | "all" | "targeted" | "targetedAsEnrollmentRestrictions"; -export type AndroidForWorkSyncStatus = - | "success" - | "credentialsNotValid" - | "androidForWorkApiError" - | "managementServiceError" - | "unknownError" - | "none"; -export type AndroidManagedStoreAccountAppSyncStatus = - | "success" - | "credentialsNotValid" - | "androidForWorkApiError" - | "managementServiceError" - | "unknownError" - | "none"; -export type AndroidManagedStoreAccountBindStatus = "notBound" | "bound" | "boundAndValidated" | "unbinding"; -export type AndroidManagedStoreAccountEnrollmentTarget = +export type DeviceManagementConfigurationTechnologies = | "none" - | "all" - | "targeted" - | "targetedAsEnrollmentRestrictions"; -export type AndroidManagedStoreAppConfigurationSchemaItemDataType = - | "bool" - | "integer" - | "string" - | "choice" - | "multiselect" - | "bundle" - | "bundleArray" - | "hidden"; -export type AospWifiSecurityType = "none" | "wpa" | "wep"; -export type AndroidManagedStoreAutoUpdateMode = "default" | "postponed" | "priority" | "unknownFutureValue"; -export type AndroidPermissionActionType = "prompt" | "autoGrant" | "autoDeny"; -export type AndroidProfileApplicability = "default" | "androidWorkProfile" | "androidDeviceOwner"; -export type AndroidTargetedPlatforms = "androidDeviceAdministrator" | "androidOpenSourceProject" | "unknownFutureValue"; -export type CertificateStatus = "notProvisioned" | "provisioned"; -export type ComplianceStatus = + | "mdm" + | "windows10XManagement" + | "configManager" + | "appleRemoteManagement" + | "microsoftSense" + | "exchangeOnline" + | "mobileApplicationManagement" + | "linuxMdm" + | "enrollment" + | "endpointPrivilegeManagement" + | "unknownFutureValue" + | "windowsOsRecovery"; +export type DeviceManagementConfigurationTemplateFamily = + | "none" + | "endpointSecurityAntivirus" + | "endpointSecurityDiskEncryption" + | "endpointSecurityFirewall" + | "endpointSecurityEndpointDetectionAndResponse" + | "endpointSecurityAttackSurfaceReduction" + | "endpointSecurityAccountProtection" + | "endpointSecurityApplicationControl" + | "endpointSecurityEndpointPrivilegeManagement" + | "enrollmentConfiguration" + | "appQuietTime" + | "baseline" + | "unknownFutureValue" + | "deviceConfigurationScripts" + | "deviceConfigurationPolicies" + | "windowsOsRecoveryPolicies" + | "companyPortal"; +export type DeviceManagementConfigurationWindowsSkus = | "unknown" - | "notApplicable" - | "compliant" - | "remediated" - | "nonCompliant" - | "error" - | "conflict" - | "notAssigned"; -export type DeviceAndAppManagementAssignmentFilterType = "none" | "include" | "exclude"; -export type DeviceAndAppManagementAssignmentSource = "direct" | "policySets"; -export type InstallIntent = "available" | "required" | "uninstall" | "availableWithoutEnrollment"; -export type ManagedAppAvailability = "global" | "lineOfBusiness"; -export type MdmAppConfigKeyType = "stringType" | "integerType" | "realType" | "booleanType" | "tokenType"; -export type MicrosoftEdgeChannel = "dev" | "beta" | "stable" | "unknownFutureValue"; -export type MicrosoftStoreForBusinessLicenseType = "offline" | "online"; -export type MobileAppContentFileUploadState = - | "success" - | "transientError" - | "error" + | "windowsHome" + | "windowsProfessional" + | "windowsEnterprise" + | "windowsEducation" + | "windowsMobile" + | "windowsMobileEnterprise" + | "windowsTeamSurface" + | "iot" + | "iotEnterprise" + | "holoLens" + | "holoLensEnterprise" + | "holographicForBusiness" + | "windowsMultiSession" + | "surfaceHub"; +export type DeviceManagementDerivedCredentialIssuer = "intercede" | "entrustDatacard" | "purebred" | "xTec"; +export type DeviceManagementDerivedCredentialNotificationType = "none" | "companyPortal" | "email"; +export type DeviceManagementDomainJoinConnectorState = "active" | "error" | "inactive"; +export type DeviceManagementExchangeAccessLevel = "none" | "allow" | "block" | "quarantine"; +export type DeviceManagementExchangeAccessRuleType = "family" | "model"; +export type DeviceManagementExchangeAccessState = "none" | "unknown" | "allowed" | "blocked" | "quarantined"; +export type DeviceManagementExchangeAccessStateReason = + | "none" | "unknown" - | "azureStorageUriRequestSuccess" - | "azureStorageUriRequestPending" - | "azureStorageUriRequestFailed" - | "azureStorageUriRequestTimedOut" - | "azureStorageUriRenewalSuccess" - | "azureStorageUriRenewalPending" - | "azureStorageUriRenewalFailed" - | "azureStorageUriRenewalTimedOut" - | "commitFileSuccess" - | "commitFilePending" - | "commitFileFailed" - | "commitFileTimedOut"; -export type MobileAppDependencyType = "detect" | "autoInstall"; -export type MobileAppPublishingState = "notPublished" | "processing" | "published"; -export type MobileAppRelationshipType = "child" | "parent"; -export type MobileAppSupersedenceType = "update" | "replace"; -export type OfficeProductId = "o365ProPlusRetail" | "o365BusinessRetail" | "visioProRetail" | "projectProRetail"; -export type OfficeSuiteDefaultFileFormatType = - | "notConfigured" - | "officeOpenXMLFormat" - | "officeOpenDocumentFormat" + | "exchangeGlobalRule" + | "exchangeIndividualRule" + | "exchangeDeviceRule" + | "exchangeUpgrade" + | "exchangeMailboxPolicy" + | "other" + | "compliant" + | "notCompliant" + | "notEnrolled" + | "unknownLocation" + | "mfaRequired" + | "azureADBlockDueToAccessPolicy" + | "compromisedPassword" + | "deviceNotKnownWithManagedApp"; +export type DeviceManagementExchangeConnectorStatus = + | "none" + | "connectionPending" + | "connected" + | "disconnected" | "unknownFutureValue"; -export type OfficeSuiteInstallProgressDisplayLevel = "none" | "full"; -export type OfficeUpdateChannel = +export type DeviceManagementExchangeConnectorSyncType = "fullSync" | "deltaSync"; +export type DeviceManagementExchangeConnectorType = + | "onPremises" + | "hosted" + | "serviceToService" + | "dedicated" + | "unknownFutureValue"; +export type DeviceManagementExportJobLocalizationType = "localizedValuesAsAdditionalColumn" | "replaceLocalizableValues"; +export type DeviceManagementPartnerAppType = "unknown" | "singleTenantApp" | "multiTenantApp"; +export type DeviceManagementPartnerTenantState = + | "unknown" + | "unavailable" + | "enabled" + | "terminated" + | "rejected" + | "unresponsive"; +export type DeviceManagementReportFileFormat = "csv" | "pdf" | "json" | "unknownFutureValue"; +export type DeviceManagementReportStatus = "unknown" | "notStarted" | "inProgress" | "completed" | "failed"; +export type DeviceManagementResourceAccessProfileIntent = "apply" | "remove"; +export type DeviceManagementSubscriptions = | "none" - | "current" - | "deferred" - | "firstReleaseCurrent" - | "firstReleaseDeferred" - | "monthlyEnterprise"; -export type ResultantAppState = - | "notApplicable" - | "installed" - | "failed" - | "notInstalled" - | "uninstallFailed" - | "pendingInstall" - | "unknown"; -export type ResultantAppStateDetail = - | "processorArchitectureNotApplicable" - | "minimumDiskSpaceNotMet" - | "minimumOsVersionNotMet" - | "minimumPhysicalMemoryNotMet" - | "minimumLogicalProcessorCountNotMet" - | "minimumCpuSpeedNotMet" - | "platformNotApplicable" - | "fileSystemRequirementNotMet" - | "registryRequirementNotMet" - | "powerShellScriptRequirementNotMet" - | "supersedingAppsNotApplicable" - | "noAdditionalDetails" - | "dependencyFailedToInstall" - | "dependencyWithRequirementsNotMet" - | "dependencyPendingReboot" - | "dependencyWithAutoInstallDisabled" - | "supersededAppUninstallFailed" - | "supersededAppUninstallPendingReboot" - | "removingSupersededApps" - | "iosAppStoreUpdateFailedToInstall" - | "vppAppHasUpdateAvailable" - | "userRejectedUpdate" - | "uninstallPendingReboot" - | "supersedingAppsDetected" - | "supersededAppsDetected" - | "seeInstallErrorCode" - | "autoInstallDisabled" - | "managedAppNoLongerPresent" - | "userRejectedInstall" - | "userIsNotLoggedIntoAppStore" - | "untargetedSupersedingAppsDetected" - | "appRemovedBySupersedence" - | "seeUninstallErrorCode" - | "pendingReboot" - | "installingDependencies" - | "contentDownloaded"; -export type RunAsAccountType = "system" | "user"; -export type VppTokenAccountType = "business" | "education"; -export type VppTokenActionFailureReason = + | "intune" + | "office365" + | "intunePremium" + | "intune_EDU" + | "intune_SMB"; +export type DeviceManagementSubscriptionState = + | "pending" + | "active" + | "warning" + | "disabled" + | "deleted" + | "blocked" + | "lockedOut"; +export type DeviceManagementTemplateLifecycleState = + | "invalid" + | "draft" + | "active" + | "superseded" + | "deprecated" + | "retired"; +export type DeviceManagementTemplateSubtype = | "none" - | "appleFailure" - | "internalError" - | "expiredVppToken" - | "expiredApplePushNotificationCertificate"; -export type Win32LobAppAutoUpdateSupersededApps = "notConfigured" | "enabled" | "unknownFutureValue"; -export type Win32LobAppDeliveryOptimizationPriority = "notConfigured" | "foreground"; -export type Win32LobAppDetectionOperator = - | "notConfigured" - | "equal" - | "notEqual" - | "greaterThan" - | "greaterThanOrEqual" - | "lessThan" - | "lessThanOrEqual"; -export type Win32LobAppFileSystemDetectionType = - | "notConfigured" - | "exists" - | "modifiedDate" - | "createdDate" - | "version" - | "sizeInMB" - | "doesNotExist"; -export type Win32LobAppFileSystemOperationType = - | "notConfigured" - | "exists" - | "modifiedDate" - | "createdDate" - | "version" - | "sizeInMB" - | "doesNotExist"; -export type Win32LobAppMsiPackageType = "perMachine" | "perUser" | "dualPurpose"; -export type Win32LobAppNotification = "showAll" | "showReboot" | "hideAll"; -export type Win32LobAppPowerShellScriptDetectionType = - | "notConfigured" - | "string" - | "dateTime" - | "integer" - | "float" - | "version" - | "boolean"; -export type Win32LobAppPowerShellScriptRuleOperationType = - | "notConfigured" - | "string" - | "dateTime" - | "integer" - | "float" - | "version" - | "boolean"; -export type Win32LobAppRegistryDetectionType = - | "notConfigured" - | "exists" - | "doesNotExist" - | "string" + | "firewall" + | "diskEncryption" + | "attackSurfaceReduction" + | "endpointDetectionReponse" + | "accountProtection" + | "antivirus" + | "firewallSharedAppList" + | "firewallSharedIpList" + | "firewallSharedPortlist"; +export type DeviceManagementTemplateType = + | "securityBaseline" + | "specializedDevices" + | "advancedThreatProtectionSecurityBaseline" + | "deviceConfiguration" + | "custom" + | "securityTemplate" + | "microsoftEdgeSecurityBaseline" + | "microsoftOffice365ProPlusSecurityBaseline" + | "deviceCompliance" + | "deviceConfigurationForOffice365" + | "cloudPC" + | "firewallSharedSettings"; +export type DeviceManangementIntentValueType = | "integer" - | "version"; -export type Win32LobAppRegistryRuleOperationType = - | "notConfigured" - | "exists" - | "doesNotExist" + | "boolean" | "string" - | "integer" - | "version"; -export type Win32LobAppRestartBehavior = "basedOnReturnCode" | "allow" | "suppress" | "force"; -export type Win32LobAppReturnCodeType = "failed" | "success" | "softReboot" | "hardReboot" | "retry"; -export type Win32LobAppRuleOperator = - | "notConfigured" - | "equal" - | "notEqual" - | "greaterThan" - | "greaterThanOrEqual" - | "lessThan" - | "lessThanOrEqual"; -export type Win32LobAppRuleType = "detection" | "requirement"; -export type WindowsArchitecture = "none" | "x86" | "x64" | "arm" | "neutral" | "arm64"; -export type WindowsDeviceType = "none" | "desktop" | "mobile" | "holographic" | "team" | "unknownFutureValue"; -export type WinGetAppNotification = "showAll" | "showReboot" | "hideAll" | "unknownFutureValue"; -export type InstallState = "notApplicable" | "installed" | "failed" | "notInstalled" | "uninstallFailed" | "unknown"; -export type AssignmentFilterEvaluationResult = - | "unknown" - | "match" - | "notMatch" - | "inconclusive" - | "failure" - | "notEvaluated"; -export type AssignmentFilterManagementType = "devices" | "apps" | "unknownFutureValue"; -export type AssignmentFilterOperator = - | "notSet" - | "equals" - | "notEquals" - | "startsWith" - | "notStartsWith" - | "contains" - | "notContains" - | "in" - | "notIn" - | "endsWith" - | "notEndsWith"; -export type AssignmentFilterPayloadType = "notSet" | "enrollmentRestrictions"; -export type AssociatedAssignmentPayloadType = - | "unknown" - | "deviceConfigurationAndCompliance" - | "application" - | "androidEnterpriseApp" - | "enrollmentConfiguration" - | "groupPolicyConfiguration" - | "zeroTouchDeploymentDeviceConfigProfile" - | "androidEnterpriseConfiguration" - | "deviceFirmwareConfigurationInterfacePolicy" - | "resourceAccessPolicy" - | "win32app" - | "deviceManagmentConfigurationAndCompliancePolicy"; + | "complex" + | "collection" + | "abstractComplex"; export type DevicePlatformType = | "android" | "androidForWork" @@ -1809,482 +1994,22 @@ export type DevicePlatformType = | "androidAOSP" | "androidMobileApplicationManagement" | "iOSMobileApplicationManagement" - | "unknownFutureValue"; -export type ErrorCode = "noError" | "unauthorized" | "notFound" | "deleted"; -export type PolicySetStatus = "unknown" | "validating" | "partialSuccess" | "success" | "error" | "notAssigned"; -export type ChromeOSOnboardingStatus = - | "unknown" - | "inprogress" - | "onboarded" - | "failed" - | "offboarding" - | "unknownFutureValue"; -export type OnboardingStatus = "unknown" | "inprogress" | "onboarded" | "failed" | "offboarding" | "unknownFutureValue"; -export type ScopeTagTargetType = "none" | "user" | "device" | "unknownFutureValue"; -export type ServiceNowConnectionStatus = "disabled" | "enabled" | "unknownFutureValue"; -export type AdministratorConfiguredDeviceComplianceState = "basedOnDeviceCompliancePolicy" | "nonCompliant"; -export type AdvancedBitLockerState = - | "success" - | "noUserConsent" - | "osVolumeUnprotected" - | "osVolumeTpmRequired" - | "osVolumeTpmOnlyRequired" - | "osVolumeTpmPinRequired" - | "osVolumeTpmStartupKeyRequired" - | "osVolumeTpmPinStartupKeyRequired" - | "osVolumeEncryptionMethodMismatch" - | "recoveryKeyBackupFailed" - | "fixedDriveNotEncrypted" - | "fixedDriveEncryptionMethodMismatch" - | "loggedOnUserNonAdmin" - | "windowsRecoveryEnvironmentNotConfigured" - | "tpmNotAvailable" - | "tpmNotReady" - | "networkError"; -export type AndroidDeviceOwnerAppAutoUpdatePolicyType = "notConfigured" | "userChoice" | "never" | "wiFiOnly" | "always"; -export type AndroidDeviceOwnerBatteryPluggedMode = "notConfigured" | "ac" | "usb" | "wireless"; -export type AndroidDeviceOwnerCertificateAccessType = "userApproval" | "specificApps" | "unknownFutureValue"; -export type AndroidDeviceOwnerCrossProfileDataSharing = - | "notConfigured" - | "crossProfileDataSharingBlocked" - | "dataSharingFromWorkToPersonalBlocked" - | "crossProfileDataSharingAllowed" - | "unkownFutureValue"; -export type AndroidDeviceOwnerDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; -export type AndroidDeviceOwnerDelegatedAppScopeType = - | "unspecified" - | "certificateInstall" - | "captureNetworkActivityLog" - | "captureSecurityLog" - | "unknownFutureValue"; -export type AndroidDeviceOwnerEnrollmentProfileType = "notConfigured" | "dedicatedDevice" | "fullyManaged"; -export type AndroidDeviceOwnerKioskCustomizationStatusBar = - | "notConfigured" - | "notificationsAndSystemInfoEnabled" - | "systemInfoOnly"; -export type AndroidDeviceOwnerKioskCustomizationSystemNavigation = - | "notConfigured" - | "navigationEnabled" - | "homeButtonOnly"; -export type AndroidDeviceOwnerKioskModeFolderIcon = - | "notConfigured" - | "darkSquare" - | "darkCircle" - | "lightSquare" - | "lightCircle"; -export type AndroidDeviceOwnerKioskModeIconSize = - | "notConfigured" - | "smallest" - | "small" - | "regular" - | "large" - | "largest"; -export type AndroidDeviceOwnerKioskModeScreenOrientation = "notConfigured" | "portrait" | "landscape" | "autoRotate"; -export type AndroidDeviceOwnerLocationMode = "notConfigured" | "disabled" | "unknownFutureValue"; -export type AndroidDeviceOwnerPlayStoreMode = "notConfigured" | "allowList" | "blockList"; -export type AndroidDeviceOwnerRequiredPasswordType = - | "deviceDefault" - | "required" - | "numeric" - | "numericComplex" - | "alphabetic" - | "alphanumeric" - | "alphanumericWithSymbols" - | "lowSecurityBiometric" - | "customPassword"; -export type AndroidDeviceOwnerRequiredPasswordUnlock = "deviceDefault" | "daily" | "unkownFutureValue"; -export type AndroidDeviceOwnerSystemUpdateInstallType = "deviceDefault" | "postpone" | "windowed" | "automatic"; -export type AndroidDeviceOwnerVirtualHomeButtonType = "notConfigured" | "swipeUp" | "floating"; -export type AndroidDeviceOwnerWiFiSecurityType = "open" | "wep" | "wpaPersonal" | "wpaEnterprise"; -export type AndroidEapType = "eapTls" | "eapTtls" | "peap"; -export type AndroidForWorkCrossProfileDataSharingType = - | "deviceDefault" - | "preventAny" - | "allowPersonalToWork" - | "noRestrictions"; -export type AndroidForWorkDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; -export type AndroidForWorkRequiredPasswordType = - | "deviceDefault" - | "lowSecurityBiometric" - | "required" - | "atLeastNumeric" - | "numericComplex" - | "atLeastAlphabetic" - | "atLeastAlphanumeric" - | "alphanumericWithSymbols"; -export type AndroidForWorkVpnConnectionType = - | "ciscoAnyConnect" - | "pulseSecure" - | "f5EdgeClient" - | "dellSonicWallMobileConnect" - | "checkPointCapsuleVpn" - | "citrix"; -export type AndroidKeyguardFeature = - | "notConfigured" - | "camera" - | "notifications" - | "unredactedNotifications" - | "trustAgents" - | "fingerprint" - | "remoteInput" - | "allFeatures" - | "face" - | "iris" - | "biometrics"; -export type AndroidRequiredPasswordComplexity = "none" | "low" | "medium" | "high"; -export type AndroidRequiredPasswordType = - | "deviceDefault" - | "alphabetic" - | "alphanumeric" - | "alphanumericWithSymbols" - | "lowSecurityBiometric" - | "numeric" - | "numericComplex" - | "any"; -export type AndroidSafetyNetEvaluationType = "basic" | "hardwareBacked"; -export type AndroidUsernameSource = "username" | "userPrincipalName" | "samAccountName" | "primarySmtpAddress"; -export type AndroidVpnConnectionType = - | "ciscoAnyConnect" - | "pulseSecure" - | "f5EdgeClient" - | "dellSonicWallMobileConnect" - | "checkPointCapsuleVpn" - | "citrix" - | "microsoftTunnel" - | "netMotionMobility" - | "microsoftProtect"; -export type AndroidWiFiSecurityType = "open" | "wpaEnterprise" | "wpa2Enterprise"; -export type AndroidWorkProfileAccountUse = - | "allowAllExceptGoogleAccounts" - | "blockAll" - | "allowAll" - | "unknownFutureValue"; -export type AndroidWorkProfileCrossProfileDataSharingType = - | "deviceDefault" - | "preventAny" - | "allowPersonalToWork" - | "noRestrictions"; -export type AndroidWorkProfileDefaultAppPermissionPolicyType = "deviceDefault" | "prompt" | "autoGrant" | "autoDeny"; -export type AndroidWorkProfileRequiredPasswordType = - | "deviceDefault" - | "lowSecurityBiometric" - | "required" - | "atLeastNumeric" - | "numericComplex" - | "atLeastAlphabetic" - | "atLeastAlphanumeric" - | "alphanumericWithSymbols"; -export type AndroidWorkProfileVpnConnectionType = - | "ciscoAnyConnect" - | "pulseSecure" - | "f5EdgeClient" - | "dellSonicWallMobileConnect" - | "checkPointCapsuleVpn" - | "citrix" - | "paloAltoGlobalProtect" - | "microsoftTunnel" - | "netMotionMobility" - | "microsoftProtect"; -export type AospDeviceOwnerWiFiSecurityType = "open" | "wep" | "wpaPersonal" | "wpaEnterprise"; -export type AppInstallControlType = "notConfigured" | "anywhere" | "storeOnly" | "recommendations" | "preferStore"; -export type AppleDeploymentChannel = "deviceChannel" | "userChannel"; -export type AppleSubjectNameFormat = - | "commonName" - | "commonNameAsEmail" - | "custom" - | "commonNameIncludingEmail" - | "commonNameAsIMEI" - | "commonNameAsSerialNumber"; -export type AppleVpnConnectionType = - | "ciscoAnyConnect" - | "pulseSecure" - | "f5EdgeClient" - | "dellSonicWallMobileConnect" - | "checkPointCapsuleVpn" - | "customVpn" - | "ciscoIPSec" - | "citrix" - | "ciscoAnyConnectV2" - | "paloAltoGlobalProtect" - | "zscalerPrivateAccess" - | "f5Access2018" - | "citrixSso" - | "paloAltoGlobalProtectV2" - | "ikEv2" - | "alwaysOn" - | "microsoftTunnel" - | "netMotionMobility" - | "microsoftProtect"; -export type ApplicationGuardBlockClipboardSharingType = - | "notConfigured" - | "blockBoth" - | "blockHostToContainer" - | "blockContainerToHost" - | "blockNone"; -export type ApplicationGuardBlockFileTransferType = - | "notConfigured" - | "blockImageAndTextFile" - | "blockImageFile" - | "blockNone" - | "blockTextFile"; -export type ApplicationGuardEnabledOptions = - | "notConfigured" - | "enabledForEdge" - | "enabledForOffice" - | "enabledForEdgeAndOffice"; -export type AppListType = "none" | "appsInListCompliant" | "appsNotInListCompliant"; -export type AppLockerApplicationControlType = - | "notConfigured" - | "enforceComponentsAndStoreApps" - | "auditComponentsAndStoreApps" - | "enforceComponentsStoreAppsAndSmartlocker" - | "auditComponentsStoreAppsAndSmartlocker"; -export type AuthenticationTransformConstant = - | "md5_96" - | "sha1_96" - | "sha_256_128" - | "aes128Gcm" - | "aes192Gcm" - | "aes256Gcm"; -export type AutomaticUpdateMode = - | "userDefined" - | "notifyDownload" - | "autoInstallAtMaintenanceTime" - | "autoInstallAndRebootAtMaintenanceTime" - | "autoInstallAndRebootAtScheduledTime" - | "autoInstallAndRebootWithoutEndUserControl" - | "windowsDefault"; -export type AutoRestartNotificationDismissalMethod = "notConfigured" | "automatic" | "user" | "unknownFutureValue"; -export type BitLockerEncryptionMethod = "aesCbc128" | "aesCbc256" | "xtsAes128" | "xtsAes256"; -export type BitLockerRecoveryInformationType = "passwordAndKey" | "passwordOnly"; -export type BitLockerRecoveryPasswordRotationType = - | "notConfigured" - | "disabled" - | "enabledForAzureAd" - | "enabledForAzureAdAndHybrid"; -export type BrowserSyncSetting = "notConfigured" | "blockedWithUserOverride" | "blocked"; -export type CertificateDestinationStore = - | "computerCertStoreRoot" - | "computerCertStoreIntermediate" - | "userCertStoreIntermediate"; -export type CertificateIssuanceStates = - | "unknown" - | "challengeIssued" - | "challengeIssueFailed" - | "requestCreationFailed" - | "requestSubmitFailed" - | "challengeValidationSucceeded" - | "challengeValidationFailed" - | "issueFailed" - | "issuePending" - | "issued" - | "responseProcessingFailed" - | "responsePending" - | "enrollmentSucceeded" - | "enrollmentNotNeeded" + | "unknownFutureValue" + | "windowsMobileApplicationManagement"; +export type DeviceRegistrationState = + | "notRegistered" + | "registered" | "revoked" - | "removedFromCollection" - | "renewVerified" - | "installFailed" - | "installed" - | "deleteFailed" - | "deleted" - | "renewalRequested" - | "requested"; -export type CertificateRevocationStatus = "none" | "pending" | "issued" | "failed" | "revoked"; -export type CertificateStore = "user" | "machine"; -export type CertificateValidityPeriodScale = "days" | "months" | "years"; -export type ChangeUefiSettingsPermission = "notConfiguredOnly" | "none"; -export type Code = - | "none" - | "jsonFileInvalid" - | "jsonFileMissing" - | "jsonFileTooLarge" - | "rulesMissing" - | "duplicateRules" - | "tooManyRulesSpecified" - | "operatorMissing" - | "operatorNotSupported" - | "datatypeMissing" - | "datatypeNotSupported" - | "operatorDataTypeCombinationNotSupported" - | "moreInfoUriMissing" - | "moreInfoUriInvalid" - | "moreInfoUriTooLarge" - | "descriptionMissing" - | "descriptionInvalid" - | "descriptionTooLarge" - | "titleMissing" - | "titleInvalid" - | "titleTooLarge" - | "operandMissing" - | "operandInvalid" - | "operandTooLarge" - | "settingNameMissing" - | "settingNameInvalid" - | "settingNameTooLarge" - | "englishLocaleMissing" - | "duplicateLocales" - | "unrecognizedLocale" - | "unknown" - | "remediationStringsMissing"; -export type ConfigurationUsage = "blocked" | "required" | "allowed" | "notConfigured"; -export type DataType = - | "none" - | "boolean" - | "int64" - | "double" - | "string" - | "dateTime" - | "version" - | "base64" - | "xml" - | "booleanArray" - | "int64Array" - | "doubleArray" - | "stringArray" - | "dateTimeArray" - | "versionArray"; -export type DefenderAttackSurfaceType = "userDefined" | "block" | "auditMode" | "warn" | "disable"; -export type DefenderCloudBlockLevelType = "notConfigured" | "high" | "highPlus" | "zeroTolerance"; -export type DefenderMonitorFileActivity = - | "userDefined" - | "disable" - | "monitorAllFiles" - | "monitorIncomingFilesOnly" - | "monitorOutgoingFilesOnly"; -export type DefenderPotentiallyUnwantedAppAction = "deviceDefault" | "block" | "audit"; -export type DefenderPromptForSampleSubmission = - | "userDefined" - | "alwaysPrompt" - | "promptBeforeSendingPersonalData" - | "neverSendData" - | "sendAllDataWithoutPrompting"; -export type DefenderProtectionType = "userDefined" | "enable" | "auditMode" | "warn" | "notConfigured"; -export type DefenderRealtimeScanDirection = "monitorAllFiles" | "monitorIncomingFilesOnly" | "monitorOutgoingFilesOnly"; -export type DefenderScanType = "userDefined" | "disabled" | "quick" | "full"; -export type DefenderSecurityCenterITContactDisplayType = - | "notConfigured" - | "displayInAppAndInNotifications" - | "displayOnlyInApp" - | "displayOnlyInNotifications"; -export type DefenderSecurityCenterNotificationsFromAppType = - | "notConfigured" - | "blockNoncriticalNotifications" - | "blockAllNotifications"; -export type DefenderSubmitSamplesConsentType = - | "sendSafeSamplesAutomatically" - | "alwaysPrompt" - | "neverSend" - | "sendAllSamplesAutomatically"; -export type DefenderThreatAction = - | "deviceDefault" - | "clean" - | "quarantine" - | "remove" - | "allow" - | "userDefined" - | "block"; -export type DeliveryOptimizationGroupIdOptionsType = - | "notConfigured" - | "adSite" - | "authenticatedDomainSid" - | "dhcpUserOption" - | "dnsSuffix"; -export type DeliveryOptimizationRestrictPeerSelectionByOptions = "notConfigured" | "subnetMask"; -export type DerivedCredentialProviderType = "notConfigured" | "entrustDataCard" | "purebred" | "xTec" | "intercede"; -export type DeviceComplianceActionType = - | "noAction" - | "notification" - | "block" - | "retire" - | "wipe" - | "removeResourceAccessProfiles" - | "pushNotification" - | "remoteLock"; -export type DeviceComplianceScriptRuleDataType = - | "none" - | "boolean" - | "int64" - | "double" - | "string" - | "dateTime" - | "version" - | "base64" - | "xml" - | "booleanArray" - | "int64Array" - | "doubleArray" - | "stringArray" - | "dateTimeArray" - | "versionArray"; -export type DeviceComplianceScriptRulesValidationError = - | "none" - | "jsonFileInvalid" - | "jsonFileMissing" - | "jsonFileTooLarge" - | "rulesMissing" - | "duplicateRules" - | "tooManyRulesSpecified" - | "operatorMissing" - | "operatorNotSupported" - | "datatypeMissing" - | "datatypeNotSupported" - | "operatorDataTypeCombinationNotSupported" - | "moreInfoUriMissing" - | "moreInfoUriInvalid" - | "moreInfoUriTooLarge" - | "descriptionMissing" - | "descriptionInvalid" - | "descriptionTooLarge" - | "titleMissing" - | "titleInvalid" - | "titleTooLarge" - | "operandMissing" - | "operandInvalid" - | "operandTooLarge" - | "settingNameMissing" - | "settingNameInvalid" - | "settingNameTooLarge" - | "englishLocaleMissing" - | "duplicateLocales" - | "unrecognizedLocale" - | "unknown" - | "remediationStringsMissing"; -export type DeviceComplianceScriptRulOperator = - | "none" - | "and" - | "or" - | "isEquals" - | "notEquals" - | "greaterThan" - | "lessThan" - | "between" - | "notBetween" - | "greaterEquals" - | "lessEquals" - | "dayTimeBetween" - | "beginsWith" - | "notBeginsWith" - | "endsWith" - | "notEndsWith" - | "contains" - | "notContains" - | "allOf" - | "oneOf" - | "noneOf" - | "setEquals" - | "orderedSetEquals" - | "subsetOf" - | "excludesAll"; -export type DeviceConfigAssignmentIntent = "apply" | "remove"; -export type DeviceGuardLocalSystemAuthorityCredentialGuardType = - | "notConfigured" - | "enableWithUEFILock" - | "enableWithoutUEFILock" - | "disable"; -export type DeviceManagementApplicabilityRuleType = "include" | "exclude"; -export type DeviceManagementCertificationAuthority = "notConfigured" | "microsoft" | "digiCert"; + | "keyConflict" + | "approvalPending" + | "certificateReset" + | "notRegisteredPendingEnrollment" + | "unknown"; +export type DeviceScopeAction = undefined; +export type DeviceScopeActionStatus = "failed" | "succeeded" | "unknownFutureValue"; +export type DeviceScopeOperator = "none" | "equals" | "unknownFutureValue"; +export type DeviceScopeParameter = "none" | "scopeTag" | "unknownFutureValue"; +export type DeviceScopeStatus = "none" | "computing" | "insufficientData" | "completed" | "unknownFutureValue"; export type DeviceThreatProtectionLevel = "unavailable" | "secured" | "low" | "medium" | "high" | "notSet"; export type DeviceType = | "desktop" @@ -2338,9 +2063,35 @@ export type DeviceTypes = | "palm" | "unknown"; export type DiagnosticDataSubmissionMode = "userDefined" | "none" | "basic" | "enhanced" | "full"; +export type DiamondModel = "unknown" | "adversary" | "capability" | "infrastructure" | "victim" | "unknownFutureValue"; export type DiffieHellmanGroup = "group1" | "group2" | "group14" | "ecp256" | "ecp384" | "group24"; +export type DirectoryDefinitionDiscoverabilities = + | "None" + | "AttributeNames" + | "AttributeDataTypes" + | "AttributeReadOnly" + | "ReferenceAttributes" + | "UnknownFutureValue"; +export type DiscoverySource = "unknown" | "adminImport" | "deviceEnrollmentProgram"; +export type DiskType = "unknown" | "hdd" | "ssd" | "unknownFutureValue"; export type DmaGuardDeviceEnumerationPolicyType = "deviceDefault" | "blockAll" | "allowAll"; export type DomainNameSource = "fullDomainName" | "netBiosDomainName"; +export type DriveItemSourceApplication = + | "teams" + | "yammer" + | "sharePoint" + | "oneDrive" + | "stream" + | "powerPoint" + | "office" + | "loki" + | "loop" + | "other" + | "unknownFutureValue"; +export type DriverApprovalAction = "approve" | "decline" | "suspend"; +export type DriverApprovalStatus = "needsReview" | "declined" | "approved" | "suspended"; +export type DriverCategory = "recommended" | "previouslyApproved" | "other"; +export type DriverUpdateProfileApprovalType = "manual" | "automatic"; export type EapFastConfiguration = | "noProtectedAccessCredential" | "useProtectedAccessCredential" @@ -2360,43 +2111,374 @@ export type EdgeOpenOptions = "notConfigured" | "startPage" | "newTabPage" | "pr export type EdgeSearchEngineType = "default" | "bing"; export type EdgeTelemetryMode = "notConfigured" | "intranet" | "internet" | "intranetAndInternet"; export type EditionUpgradeLicenseType = "productKey" | "licenseFile" | "notConfigured"; -export type EmailCertificateType = "none" | "certificate" | "derivedCredential"; -export type EmailSyncDuration = - | "userDefined" - | "oneDay" - | "threeDays" - | "oneWeek" - | "twoWeeks" - | "oneMonth" - | "unlimited"; -export type EmailSyncSchedule = - | "userDefined" - | "asMessagesArrive" - | "manual" - | "fifteenMinutes" - | "thirtyMinutes" - | "sixtyMinutes" - | "basedOnMyUsage"; -export type Enablement = "notConfigured" | "enabled" | "disabled"; -export type EncryptionReadinessState = "notReady" | "ready"; -export type EncryptionState = "notEncrypted" | "encrypted"; -export type FileVaultState = "success" | "driveEncryptedByUser" | "userDeferredEncryption" | "escrowNotEnabled"; -export type FirewallCertificateRevocationListCheckMethodType = "deviceDefault" | "none" | "attempt" | "require"; -export type FirewallPacketQueueingMethodType = - | "deviceDefault" - | "disabled" - | "queueInbound" - | "queueOutbound" - | "queueBoth"; -export type FirewallPreSharedKeyEncodingMethodType = "deviceDefault" | "none" | "utF8"; +export type EducationAddedStudentAction = "none" | "assignIfOpen" | "unknownFutureValue"; +export type EducationAddToCalendarOptions = + | "none" + | "studentsAndPublisher" + | "studentsAndTeamOwners" + | "unknownFutureValue" + | "studentsOnly"; +export type EducationAssignmentStatus = "draft" | "published" | "assigned" | "unknownFutureValue" | "inactive"; +export type EducationExternalSource = "sis" | "manual" | "unknownFutureValue" | "lms"; +export type EducationFeedbackResourceOutcomeStatus = + | "notPublished" + | "pendingPublish" + | "published" + | "failedPublish" + | "unknownFutureValue"; +export type EducationGender = "female" | "male" | "other" | "unknownFutureValue"; +export type EducationModuleStatus = "draft" | "published" | "unknownFutureValue"; +export type EducationSubmissionStatus = + | "working" + | "submitted" + | "released" + | "returned" + | "unknownFutureValue" + | "reassigned" + | "excused"; +export type EducationSynchronizationProfileState = + | "deleting" + | "deletionFailed" + | "provisioningFailed" + | "provisioned" + | "provisioning" + | "unknownFutureValue"; +export type EducationSynchronizationStatus = + | "paused" + | "inProgress" + | "success" + | "error" + | "validationError" + | "quarantined" + | "unknownFutureValue" + | "extracting" + | "validating"; +export type EducationUserRole = "student" | "teacher" | "none" | "unknownFutureValue" | "faculty"; +export type ElevationRequestState = + | "none" + | "pending" + | "approved" + | "denied" + | "expired" + | "unknownFutureValue" + | "revoked"; +export type EligibilityFilteringEnabledEntities = + | "none" + | "swapRequest" + | "offerShiftRequest" + | "unknownFutureValue" + | "timeOffReason"; +export type EligibilityScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type EligibilityScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type EligibilityScheduleRequestFilterByCurrentUserOptions = + | "principal" + | "createdBy" + | "approver" + | "unknownFutureValue"; +export type EmailCertificateType = "none" | "certificate" | "derivedCredential"; +export type EmailRole = "unknown" | "sender" | "recipient" | "unknownFutureValue"; +export type EmailSyncDuration = + | "userDefined" + | "oneDay" + | "threeDays" + | "oneWeek" + | "twoWeeks" + | "oneMonth" + | "unlimited"; +export type EmailSyncSchedule = + | "userDefined" + | "asMessagesArrive" + | "manual" + | "fifteenMinutes" + | "thirtyMinutes" + | "sixtyMinutes" + | "basedOnMyUsage"; +export type EmailType = "unknown" | "work" | "personal" | "main" | "other"; +export type EmbeddedSIMDeviceStateValue = + | "notEvaluated" + | "failed" + | "installing" + | "installed" + | "deleting" + | "error" + | "deleted" + | "removedByUser"; +export type Enablement = "notConfigured" | "enabled" | "disabled"; +export type EncryptionReadinessState = "notReady" | "ready"; +export type EncryptionState = "notEncrypted" | "encrypted"; +export type EncryptWith = "template" | "userDefinedRights"; +export type EndpointSecurityConfigurationApplicablePlatform = + | "unknown" + | "macOS" + | "windows10AndLater" + | "windows10AndWindowsServer"; +export type EndpointSecurityConfigurationProfileType = + | "unknown" + | "antivirus" + | "windowsSecurity" + | "bitLocker" + | "fileVault" + | "firewall" + | "firewallRules" + | "endpointDetectionAndResponse" + | "deviceControl" + | "appAndBrowserIsolation" + | "exploitProtection" + | "webProtection" + | "applicationControl" + | "attackSurfaceReductionRules" + | "accountProtection"; +export type EndpointSecurityConfigurationType = + | "unknown" + | "antivirus" + | "diskEncryption" + | "firewall" + | "endpointDetectionAndResponse" + | "attackSurfaceReduction" + | "accountProtection"; +export type EndpointType = + | "default" + | "voicemail" + | "skypeForBusiness" + | "skypeForBusinessVoipPhone" + | "unknownFutureValue"; +export type EndUserNotificationPreference = "unknown" | "microsoft" | "custom" | "unknownFutureValue"; +export type EndUserNotificationSettingType = + | "unknown" + | "noTraining" + | "trainingSelected" + | "noNotification" + | "unknownFutureValue"; +export type EndUserNotificationType = + | "unknown" + | "positiveReinforcement" + | "noTraining" + | "trainingAssignment" + | "trainingReminder" + | "unknownFutureValue"; +export type EngagementAsyncOperationType = "createCommunity" | "unknownFutureValue"; +export type EnrollmentAvailabilityOptions = "availableWithPrompts" | "availableWithoutPrompts" | "unavailable"; +export type EnrollmentNotificationBrandingOptions = + | "none" + | "includeCompanyLogo" + | "includeCompanyName" + | "includeContactInformation" + | "includeCompanyPortalLink" + | "includeDeviceDetails" + | "unknownFutureValue"; +export type EnrollmentNotificationTemplateType = "email" | "push" | "unknownFutureValue"; +export type EnrollmentRestrictionPlatformType = + | "allPlatforms" + | "ios" + | "windows" + | "windowsPhone" + | "android" + | "androidForWork" + | "mac" + | "linux" + | "unknownFutureValue"; +export type EnrollmentState = "unknown" | "enrolled" | "pendingReset" | "failed" | "notContacted" | "blocked"; +export type EntityType = + | "event" + | "message" + | "driveItem" + | "externalItem" + | "site" + | "list" + | "listItem" + | "drive" + | "unknownFutureValue" + | "acronym" + | "bookmark" + | "chatMessage" + | "person" + | "qna"; +export type EntryExportStatus = "Noop" | "Success" | "RetryableError" | "PermanentError" | "Error"; +export type EntrySyncOperation = "None" | "Add" | "Delete" | "Update"; +export type ErrorCode = "noError" | "unauthorized" | "notFound" | "deleted"; +export type EscrowBehavior = "Default" | "IgnoreLookupReferenceResolutionFailure"; +export type EventType = "singleInstance" | "occurrence" | "exception" | "seriesMaster"; +export type ExchangeIdFormat = "entryId" | "ewsId" | "immutableEntryId" | "restId" | "restImmutableEntryId"; +export type ExpirationPatternType = "notSpecified" | "noExpiration" | "afterDateTime" | "afterDuration"; +export type ExpirationRequirement = + | "rememberMultifactorAuthenticationOnTrustedDevices" + | "tenantTokenLifetimePolicy" + | "audienceTokenLifetimePolicy" + | "signInFrequencyPeriodicReauthentication" + | "ngcMfa" + | "signInFrequencyEveryTime" + | "unknownFutureValue"; +export type ExternalAudienceScope = "none" | "contactsOnly" | "all"; +export type ExternalAuthenticationType = "passthru" | "aadPreAuthentication"; +export type ExternalEmailOtpState = "default" | "enabled" | "disabled" | "unknownFutureValue"; +export type ExternalItemContentType = "text" | "html" | "unknownFutureValue"; +export type ExternalSystemAccessMethods = "direct" | "roleChaining" | "unknownFutureValue"; +export type FeatureTargetType = "group" | "administrativeUnit" | "role" | "unknownFutureValue"; +export type FeatureType = "registration" | "reset" | "unknownFutureValue"; +export type FederatedIdpMfaBehavior = + | "acceptIfMfaDoneByFederatedIdp" + | "enforceMfaByFederatedIdp" + | "rejectMfaByFederatedIdp" + | "unknownFutureValue"; +export type Fido2RestrictionEnforcementType = "allow" | "block" | "unknownFutureValue"; +export type FileHashType = + | "unknown" + | "sha1" + | "sha256" + | "md5" + | "authenticodeHash256" + | "lsHash" + | "ctph" + | "unknownFutureValue"; +export type FileVaultState = "success" | "driveEncryptedByUser" | "userDeferredEncryption" | "escrowNotEnabled"; +export type FilterMode = "include" | "exclude"; +export type FirewallCertificateRevocationListCheckMethodType = "deviceDefault" | "none" | "attempt" | "require"; +export type FirewallPacketQueueingMethodType = + | "deviceDefault" + | "disabled" + | "queueInbound" + | "queueOutbound" + | "queueBoth"; +export type FirewallPreSharedKeyEncodingMethodType = "deviceDefault" | "none" | "utF8"; +export type FirmwareProtectionType = + | "notApplicable" + | "systemGuardSecureLaunch" + | "firmwareAttackSurfaceReduction" + | "disabled" + | "unknownFutureValue"; export type FolderProtectionType = | "userDefined" | "enable" | "auditMode" | "blockDiskModification" | "auditDiskModification"; +export type FollowupFlagStatus = "notFlagged" | "complete" | "flagged"; +export type FreeBusyStatus = "unknown" | "free" | "tentative" | "busy" | "oof" | "workingElsewhere"; +export type FrontlineCloudPcAccessState = + | "unassigned" + | "noLicensesAvailable" + | "activationFailed" + | "active" + | "activating" + | "standbyMode" + | "unknownFutureValue"; +export type GcpAccessType = "public" | "subjectToObjectAcls" | "private" | "unknownFutureValue"; +export type GcpEncryption = "google" | "customer" | "unknownFutureValue"; +export type GcpRoleType = "system" | "custom" | "unknownFutureValue"; +export type GiphyRatingType = "strict" | "moderate" | "unknownFutureValue"; +export type GlobalDeviceHealthScriptState = "notConfigured" | "pending" | "enabled"; +export type GroundingEntityType = "site" | "list" | "listItem" | "drive" | "driveItem" | "unknownFutureValue"; +export type GroupAccessType = "none" | "private" | "secret" | "public"; +export type GroupPolicyConfigurationIngestionType = "unknown" | "custom" | "builtIn" | "mixed" | "unknownFutureValue"; +export type GroupPolicyConfigurationType = "policy" | "preference"; +export type GroupPolicyDefinitionClassType = "user" | "machine"; +export type GroupPolicyMigrationReadiness = "none" | "partial" | "complete" | "error" | "notApplicable"; +export type GroupPolicyOperationStatus = "unknown" | "inProgress" | "success" | "failed"; +export type GroupPolicyOperationType = + | "none" + | "upload" + | "uploadNewVersion" + | "addLanguageFiles" + | "removeLanguageFiles" + | "updateLanguageFiles" + | "remove"; +export type GroupPolicySettingScope = "unknown" | "device" | "user"; +export type GroupPolicySettingType = + | "unknown" + | "policy" + | "account" + | "securityOptions" + | "userRightsAssignment" + | "auditSetting" + | "windowsFirewallSettings" + | "appLockerRuleCollection" + | "dataSourcesSettings" + | "devicesSettings" + | "driveMapSettings" + | "environmentVariables" + | "filesSettings" + | "folderOptions" + | "folders" + | "iniFiles" + | "internetOptions" + | "localUsersAndGroups" + | "networkOptions" + | "networkShares" + | "ntServices" + | "powerOptions" + | "printers" + | "regionalOptionsSettings" + | "registrySettings" + | "scheduledTasks" + | "shortcutSettings" + | "startMenuSettings"; +export type GroupPolicyType = "admxBacked" | "admxIngested"; +export type GroupPolicyUploadedDefinitionFileStatus = + | "none" + | "uploadInProgress" + | "available" + | "assigned" + | "removalInProgress" + | "uploadFailed" + | "removalFailed"; +export type GroupPrivacy = "unspecified" | "public" | "private" | "unknownFutureValue"; +export type GroupType = "unifiedGroups" | "azureAD" | "unknownFutureValue"; export type HashAlgorithms = "sha1" | "sha2"; +export type HealthState = "unknown" | "healthy" | "unhealthy"; +export type HorizontalSectionLayoutType = + | "none" + | "oneColumn" + | "twoColumns" + | "threeColumns" + | "oneThirdLeftColumn" + | "oneThirdRightColumn" + | "fullWidth" + | "unknownFutureValue"; +export type IamStatus = "active" | "inactive" | "disabled" | "unknownFutureValue"; +export type IdentityProviderState = "enabled" | "disabled" | "unknownFutureValue"; +export type IdentitySourceType = "azureActiveDirectory" | "external"; +export type IdentityUserFlowAttributeDataType = + | "string" + | "boolean" + | "int64" + | "stringCollection" + | "dateTime" + | "unknownFutureValue"; +export type IdentityUserFlowAttributeInputType = + | "textBox" + | "dateTimeDropdown" + | "radioSingleSelect" + | "dropdownSingleSelect" + | "emailBox" + | "checkboxMultiSelect"; +export type IdentityUserFlowAttributeType = "builtIn" | "custom" | "required" | "unknownFutureValue"; +export type ImageTaggingChoice = "disabled" | "basic" | "enhanced" | "unknownFutureValue"; +export type Importance = "low" | "normal" | "high"; +export type ImportedDeviceIdentityType = "unknown" | "imei" | "serialNumber" | "manufacturerModelSerial"; +export type ImportedWindowsAutopilotDeviceIdentityImportStatus = + | "unknown" + | "pending" + | "partial" + | "complete" + | "error"; +export type ImportedWindowsAutopilotDeviceIdentityUploadStatus = "noUpload" | "pending" | "complete" | "error"; +export type IncludedUserRoles = "all" | "privilegedAdmin" | "admin" | "user" | "unknownFutureValue"; +export type IncludedUserTypes = "all" | "member" | "guest" | "unknownFutureValue"; +export type IncomingTokenType = + | "none" + | "primaryRefreshToken" + | "saml11" + | "saml20" + | "unknownFutureValue" + | "remoteDesktopToken"; +export type IncompatiblePrinterSettings = "show" | "hide" | "unknownFutureValue"; +export type InferenceClassificationType = "focused" | "other"; +export type IngestionSource = "unknown" | "custom" | "builtIn" | "unknownFutureValue"; +export type InitiatorType = "user" | "application" | "system" | "unknownFutureValue"; export type InkAccessSetting = "notConfigured" | "enabled" | "disabled"; +export type InsiderRiskLevel = "none" | "minor" | "moderate" | "elevated" | "unknownFutureValue"; +export type InstallIntent = "available" | "required" | "uninstall" | "availableWithoutEnrollment"; +export type InstallState = "notApplicable" | "installed" | "failed" | "notInstalled" | "uninstallFailed" | "unknown"; export type IntendedPurpose = "unassigned" | "smimeEncryption" | "smimeSigning" | "vpn" | "wifi"; export type InternetExplorerMessageSetting = "notConfigured" | "disabled" | "enabled" | "keepGoing"; export type InternetSiteSecurityLevel = "userDefined" | "medium" | "mediumHigh" | "high"; @@ -2432,6 +2514,14 @@ export type IosUpdatesInstallStatus = | "idle" | "unknown"; export type IosWallpaperDisplayLocation = "notConfigured" | "lockScreen" | "homeScreen" | "lockAndHomeScreens"; +export type ITunesPairingMode = "disallow" | "allow" | "requiresCertificate"; +export type JoinType = "unknown" | "azureADJoined" | "azureADRegistered" | "hybridAzureADJoined"; +export type KerberosSignOnMappingAttributeType = + | "userPrincipalName" + | "onPremisesUserPrincipalName" + | "userPrincipalUsername" + | "onPremisesUserPrincipalUsername" + | "onPremisesSAMAccountName"; export type KeySize = "size1024" | "size2048" | "size4096"; export type KeyStorageProviderOption = | "useTpmKspOtherwiseUseSoftwareKsp" @@ -2441,6 +2531,24 @@ export type KeyStorageProviderOption = export type KeyUsages = "keyEncipherment" | "digitalSignature"; export type KioskModeManagedHomeScreenPinComplexity = "notConfigured" | "simple" | "complex"; export type KioskModeType = "notConfigured" | "singleAppMode" | "multiAppMode"; +export type Label = + | "title" + | "url" + | "createdBy" + | "lastModifiedBy" + | "authors" + | "createdDateTime" + | "lastModifiedDateTime" + | "fileName" + | "fileExtension"; +export type LanguageProficiencyLevel = + | "elementary" + | "conversational" + | "limitedWorking" + | "professionalWorking" + | "fullProfessional" + | "nativeOrBilingual" + | "unknownFutureValue"; export type LanManagerAuthenticationLevel = | "lmAndNltm" | "lmNtlmAndNtlmV2" @@ -2448,7 +2556,18 @@ export type LanManagerAuthenticationLevel = | "lmAndNtlmV2" | "lmNtlmV2AndNotLm" | "lmNtlmV2AndNotLmOrNtm"; +export type LayoutTemplateType = "default" | "verticalSplit" | "unknownFutureValue"; +export type Level = "beginner" | "intermediate" | "advanced" | "unknownFutureValue"; export type LicenseType = "notPaid" | "paid" | "trial" | "unknownFutureValue"; +export type LifecycleEventType = "missed" | "subscriptionRemoved" | "reauthorizationRequired"; +export type LobbyBypassScope = + | "organizer" + | "organization" + | "organizationAndFederated" + | "everyone" + | "unknownFutureValue" + | "invited" + | "organizationExcludingGuests"; export type LocalSecurityOptionsAdministratorElevationPromptBehaviorType = | "notConfigured" | "elevateWithoutPrompting" @@ -2487,6 +2606,29 @@ export type LocalSecurityOptionsStandardUserElevationPromptBehaviorType = | "automaticallyDenyElevationRequests" | "promptForCredentialsOnTheSecureDesktop" | "promptForCredentials"; +export type LocationType = + | "default" + | "conferenceRoom" + | "homeAddress" + | "businessAddress" + | "geoCoordinates" + | "streetAddress" + | "hotel" + | "restaurant" + | "localBusiness" + | "postalAddress"; +export type LocationUniqueIdType = "unknown" | "locationStore" | "directory" | "private" | "bing"; +export type LogonType = + | "unknown" + | "interactive" + | "remoteInteractive" + | "network" + | "batch" + | "service" + | "unknownFutureValue"; +export type LongRunningOperationStatus = "notStarted" | "running" | "succeeded" | "failed" | "unknownFutureValue"; +export type LostModeState = "disabled" | "enabled"; +export type MacAddressRandomizationMode = "automatic" | "hardware" | "unknownFutureValue"; export type MacOSContentCachingClientPolicy = | "notConfigured" | "clientsInLocalNetwork" @@ -2549,7 +2691,97 @@ export type MacOSSystemExtensionType = | "driverExtensionsAllowed" | "networkExtensionsAllowed" | "endpointSecurityExtensionsAllowed"; +export type MailboxRecipientType = "unknown" | "user" | "linked" | "shared" | "room" | "equipment" | "others"; +export type MailDestinationRoutingReason = + | "none" + | "mailFlowRule" + | "safeSender" + | "blockedSender" + | "advancedSpamFiltering" + | "domainAllowList" + | "domainBlockList" + | "notInAddressBook" + | "firstTimeSender" + | "autoPurgeToInbox" + | "autoPurgeToJunk" + | "autoPurgeToDeleted" + | "outbound" + | "notJunk" + | "junk" + | "unknownFutureValue"; +export type MailTipsType = + | "automaticReplies" + | "mailboxFullStatus" + | "customMailTip" + | "externalMemberCount" + | "totalMemberCount" + | "maxMessageSize" + | "deliveryRestriction" + | "moderationStatus" + | "recipientScope" + | "recipientSuggestions"; +export type ManagedAppAvailability = "global" | "lineOfBusiness"; +export type ManagedAppClipboardSharingLevel = "allApps" | "managedAppsWithPasteIn" | "managedApps" | "blocked"; +export type ManagedAppDataEncryptionType = + | "useDeviceSettings" + | "afterDeviceRestart" + | "whenDeviceLockedExceptOpenFiles" + | "whenDeviceLocked"; +export type ManagedAppDataIngestionLocation = "oneDriveForBusiness" | "sharePoint" | "camera" | "photoLibrary"; +export type ManagedAppDataStorageLocation = + | "oneDriveForBusiness" + | "sharePoint" + | "box" + | "localStorage" + | "photoLibrary"; +export type ManagedAppDataTransferLevel = "allApps" | "managedApps" | "none"; +export type ManagedAppDeviceThreatLevel = "notConfigured" | "secured" | "low" | "medium" | "high"; +export type ManagedAppFlaggedReason = + | "none" + | "rootedDevice" + | "androidBootloaderUnlocked" + | "androidFactoryRomModified"; +export type ManagedAppNotificationRestriction = "allow" | "blockOrganizationalData" | "block"; +export type ManagedAppPhoneNumberRedirectLevel = "allApps" | "managedApps" | "customApp" | "blocked"; +export type ManagedAppPinCharacterSet = "numeric" | "alphanumericAndSymbol"; +export type ManagedAppRemediationAction = "block" | "wipe" | "warn"; +export type ManagedBrowserType = "notConfigured" | "microsoftEdge"; +export type ManagedDeviceArchitecture = "unknown" | "x86" | "x64" | "arm" | "arM64"; +export type ManagedDeviceManagementFeatures = "none" | "microsoftManagedDesktop"; export type ManagedDeviceOwnerType = "unknown" | "company" | "personal"; +export type ManagedDevicePartnerReportedHealthState = + | "unknown" + | "activated" + | "deactivated" + | "secured" + | "lowSeverity" + | "mediumSeverity" + | "highSeverity" + | "unresponsive" + | "compromised" + | "misconfigured"; +export type ManagedDeviceRemoteAction = + | "retire" + | "delete" + | "fullScan" + | "quickScan" + | "signatureUpdate" + | "wipe" + | "customTextNotification" + | "rebootNow" + | "setDeviceName" + | "syncDevice" + | "deprovision" + | "disable" + | "reenable" + | "moveDeviceToOrganizationalUnit" + | "activateDeviceEsim" + | "collectDiagnostics" + | "initiateMobileDeviceManagementKeyRecovery" + | "initiateOnDemandProactiveRemediation" + | "unknownFutureValue" + | "initiateDeviceAttestation"; +export type ManagedInstallerStatus = "disabled" | "enabled"; export type ManagementAgentType = | "eas" | "mdm" @@ -2564,22 +2796,148 @@ export type ManagementAgentType = | "googleCloudDevicePolicyController" | "microsoft365ManagedMdm" | "msSense" - | "intuneAosp"; -export type MeteredConnectionLimitType = "unrestricted" | "fixed" | "variable"; -export type MicrosoftLauncherDockPresence = "notConfigured" | "show" | "hide" | "disabled"; -export type MicrosoftLauncherSearchBarPlacement = "notConfigured" | "top" | "bottom" | "hide"; -export type MiracastChannel = - | "userDefined" - | "one" - | "two" - | "three" - | "four" - | "five" - | "six" - | "seven" - | "eight" - | "nine" - | "ten" + | "intuneAosp" + | "google" + | "unknownFutureValue"; +export type ManagementState = + | "managed" + | "retirePending" + | "retireFailed" + | "wipePending" + | "wipeFailed" + | "unhealthy" + | "deletePending" + | "retireIssued" + | "wipeIssued" + | "wipeCanceled" + | "retireCanceled" + | "discovered"; +export type MdmAppConfigKeyType = "stringType" | "integerType" | "realType" | "booleanType" | "tokenType"; +export type MdmAuthority = "unknown" | "intune" | "sccm" | "office365"; +export type MdmSupportedState = "unknown" | "supported" | "unsupported" | "deprecated"; +export type MediaDirection = "inactive" | "sendOnly" | "receiveOnly" | "sendReceive"; +export type MediaSourceContentCategory = + | "meeting" + | "liveStream" + | "presentation" + | "screenRecording" + | "story" + | "profile" + | "chat" + | "note" + | "comment" + | "unknownFutureValue"; +export type MediaState = "active" | "inactive" | "unknownFutureValue"; +export type MeetingAudience = "everyone" | "organization" | "unknownFutureValue"; +export type MeetingCapabilities = "questionAndAnswer" | "unknownFutureValue"; +export type MeetingChatHistoryDefaultMode = "none" | "all" | "unknownFutureValue"; +export type MeetingChatMode = "enabled" | "disabled" | "limited" | "unknownFutureValue"; +export type MeetingMessageType = + | "none" + | "meetingRequest" + | "meetingCancelled" + | "meetingAccepted" + | "meetingTentativelyAccepted" + | "meetingDeclined"; +export type MeetingRegistrantStatus = "registered" | "canceled" | "processing" | "unknownFutureValue"; +export type MembershipRuleProcessingStatusDetails = + | "NotStarted" + | "Running" + | "Failed" + | "Succeeded" + | "UnsupportedFutureValue"; +export type MessageActionFlag = + | "any" + | "call" + | "doNotForward" + | "followUp" + | "fyi" + | "forward" + | "noResponseNecessary" + | "read" + | "reply" + | "replyToAll" + | "review"; +export type MessageEventType = + | "received" + | "sent" + | "delivered" + | "failed" + | "processingFailed" + | "distributionGroupExpanded" + | "submitted" + | "delayed" + | "redirected" + | "resolved" + | "dropped" + | "recipientsAdded" + | "malwareDetected" + | "malwareDetectedInMessage" + | "malwareDetectedInAttachment" + | "ttZapped" + | "ttDelivered" + | "spamDetected" + | "transportRuleTriggered" + | "dlpRuleTriggered" + | "journaled" + | "unknownFutureValue"; +export type MessageStatus = + | "gettingStatus" + | "pending" + | "failed" + | "delivered" + | "expanded" + | "quarantined" + | "filteredAsSpam" + | "unknownFutureValue"; +export type MessagingRedirectAppType = "anyApp" | "anyManagedApp" | "specificApps" | "blocked"; +export type MeteredConnectionLimitType = "unrestricted" | "fixed" | "variable"; +export type MfaFailureReasonCode = + | "mfaIncomplete" + | "mfaDenied" + | "systemFailure" + | "badRequest" + | "other" + | "unknownFutureValue"; +export type MicrosoftAuthenticatorAuthenticationMethodClientAppName = + | "microsoftAuthenticator" + | "outlookMobile" + | "unknownFutureValue"; +export type MicrosoftAuthenticatorAuthenticationMode = "deviceBasedPush" | "push" | "any"; +export type MicrosoftEdgeChannel = "dev" | "beta" | "stable" | "unknownFutureValue"; +export type MicrosoftLauncherDockPresence = "notConfigured" | "show" | "hide" | "disabled"; +export type MicrosoftLauncherSearchBarPlacement = "notConfigured" | "top" | "bottom" | "hide"; +export type MicrosoftManagedDesktopType = + | "notManaged" + | "premiumManaged" + | "standardManaged" + | "starterManaged" + | "unknownFutureValue"; +export type MicrosoftStoreForBusinessLicenseType = "offline" | "online"; +export type MicrosoftStoreForBusinessPortalSelectionOptions = "none" | "companyPortal" | "privateStore"; +export type MicrosoftTunnelLogCollectionStatus = "pending" | "completed" | "failed" | "unknownFutureValue"; +export type MicrosoftTunnelServerHealthStatus = + | "unknown" + | "healthy" + | "unhealthy" + | "warning" + | "offline" + | "upgradeInProgress" + | "upgradeFailed" + | "unknownFutureValue"; +export type MigrationStatus = "ready" | "needsReview" | "additionalStepsRequired" | "unknownFutureValue"; +export type MiracastChannel = + | "userDefined" + | "one" + | "two" + | "three" + | "four" + | "five" + | "six" + | "seven" + | "eight" + | "nine" + | "ten" | "eleven" | "thirtySix" | "forty" @@ -2590,14 +2948,221 @@ export type MiracastChannel = | "oneHundredFiftySeven" | "oneHundredSixtyOne" | "oneHundredSixtyFive"; +export type MlClassificationMatchTolerance = "exact" | "near"; +export type MobileAppActionType = + | "unknown" + | "installCommandSent" + | "installed" + | "uninstalled" + | "userRequestedInstall"; +export type MobileAppContentFileUploadState = + | "success" + | "transientError" + | "error" + | "unknown" + | "azureStorageUriRequestSuccess" + | "azureStorageUriRequestPending" + | "azureStorageUriRequestFailed" + | "azureStorageUriRequestTimedOut" + | "azureStorageUriRenewalSuccess" + | "azureStorageUriRenewalPending" + | "azureStorageUriRenewalFailed" + | "azureStorageUriRenewalTimedOut" + | "commitFileSuccess" + | "commitFilePending" + | "commitFileFailed" + | "commitFileTimedOut"; +export type MobileAppDependencyType = "detect" | "autoInstall"; +export type MobileAppIntent = + | "available" + | "notAvailable" + | "requiredInstall" + | "requiredUninstall" + | "requiredAndAvailableInstall" + | "availableInstallWithoutEnrollment" + | "exclude"; +export type MobileAppPublishingState = "notPublished" | "processing" | "published"; +export type MobileAppRelationshipType = "child" | "parent"; +export type MobileAppSupersedenceType = "update" | "replace"; +export type MobileThreatDefensePartnerPriority = + | "defenderOverThirdPartyPartner" + | "thirdPartyPartnerOverDefender" + | "unknownFutureValue"; +export type MobileThreatPartnerTenantState = + | "unavailable" + | "available" + | "enabled" + | "unresponsive" + | "notSetUp" + | "error" + | "unknownFutureValue"; +export type Modality = "unknown" | "audio" | "video" | "videoBasedScreenSharing" | "data" | "unknownFutureValue"; +export type MsiType = "none" | "userAssigned" | "systemAssigned" | "unknownFutureValue"; +export type MultiFactorAuthConfiguration = "notRequired" | "required" | "unknownFutureValue"; +export type MultiTenantOrganizationMemberProcessingStatus = + | "notStarted" + | "running" + | "succeeded" + | "failed" + | "unknownFutureValue"; +export type MultiTenantOrganizationMemberRole = "owner" | "member" | "unknownFutureValue"; +export type MultiTenantOrganizationMemberState = "pending" | "active" | "removed" | "unknownFutureValue"; +export type MultiTenantOrganizationState = "active" | "inactive" | "unknownFutureValue"; +export type MultiTenantOrgLabelType = "none" | "groupName" | "customName" | "unknownFutureValue"; +export type Mutability = "ReadWrite" | "ReadOnly" | "Immutable" | "WriteOnly"; export type NdesConnectorState = "none" | "active" | "inactive"; export type NetworkSingleSignOnType = "disabled" | "prelogon" | "postlogon"; +export type NetworkType = + | "intranet" + | "extranet" + | "namedNetwork" + | "trusted" + | "trustedNamedLocation" + | "unknownFutureValue"; export type NonEapAuthenticationMethodForEapTtlsType = | "unencryptedPassword" | "challengeHandshakeAuthenticationProtocol" | "microsoftChap" | "microsoftChapVersionTwo"; export type NonEapAuthenticationMethodForPeap = "none" | "microsoftChapVersionTwo"; +export type NotificationDeliveryFrequency = "unknown" | "weekly" | "biWeekly" | "unknownFutureValue"; +export type NotificationDeliveryPreference = + | "unknown" + | "deliverImmedietly" + | "deliverAfterCampaignEnd" + | "unknownFutureValue"; +export type NotificationTemplateBrandingOptions = + | "none" + | "includeCompanyLogo" + | "includeCompanyName" + | "includeContactInformation" + | "includeCompanyPortalLink" + | "includeDeviceDetails" + | "unknownFutureValue"; +export type OAuthAppScope = + | "unknown" + | "readCalendar" + | "readContact" + | "readMail" + | "readAllChat" + | "readAllFile" + | "readAndWriteMail" + | "sendMail" + | "unknownFutureValue"; +export type ObjectDefinitionMetadata = + | "PropertyNameAccountEnabled" + | "PropertyNameSoftDeleted" + | "IsSoftDeletionSupported" + | "IsSynchronizeAllSupported" + | "ConnectorDataStorageRequired" + | "Extensions" + | "BaseObjectName"; +export type ObjectFlowTypes = "None" | "Add" | "Update" | "Delete"; +export type ObjectMappingMetadata = + | "EscrowBehavior" + | "DisableMonitoringForChanges" + | "OriginalJoiningProperty" + | "Disposition" + | "IsCustomerDefined" + | "ExcludeFromReporting" + | "Unsynchronized"; +export type ObliterationBehavior = + | "default" + | "doNotObliterate" + | "obliterateWithWarning" + | "always" + | "unknownFutureValue"; +export type OfficeProductId = "o365ProPlusRetail" | "o365BusinessRetail" | "visioProRetail" | "projectProRetail"; +export type OfficeSuiteDefaultFileFormatType = + | "notConfigured" + | "officeOpenXMLFormat" + | "officeOpenDocumentFormat" + | "unknownFutureValue"; +export type OfficeSuiteInstallProgressDisplayLevel = "none" | "full"; +export type OfficeUpdateChannel = + | "none" + | "current" + | "deferred" + | "firstReleaseCurrent" + | "firstReleaseDeferred" + | "monthlyEnterprise"; +export type OnboardingStatus = "unknown" | "inprogress" | "onboarded" | "failed" | "offboarding" | "unknownFutureValue"; +export type OnenotePatchActionType = "Replace" | "Append" | "Delete" | "Insert" | "Prepend"; +export type OnenotePatchInsertPosition = "After" | "Before"; +export type OnenoteSourceService = "Unknown" | "OneDrive" | "OneDriveForBusiness" | "OnPremOneDriveForBusiness"; +export type OnenoteUserRole = "None" | "Owner" | "Contributor" | "Reader"; +export type OnlineMeetingContentSharingDisabledReason = "watermarkProtection" | "unknownFutureValue"; +export type OnlineMeetingForwarders = "everyone" | "organizer" | "unknownFutureValue"; +export type OnlineMeetingPresenters = + | "everyone" + | "organization" + | "roleIsPresenter" + | "organizer" + | "unknownFutureValue"; +export type OnlineMeetingProviderType = "unknown" | "skypeForBusiness" | "skypeForConsumer" | "teamsForBusiness"; +export type OnlineMeetingRole = "attendee" | "presenter" | "producer" | "unknownFutureValue" | "coorganizer"; +export type OnlineMeetingVideoDisabledReason = "watermarkProtection" | "unknownFutureValue"; +export type OnPremisesDirectorySynchronizationDeletionPreventionType = + | "disabled" + | "enabledForCount" + | "enabledForPercentage" + | "unknownFutureValue"; +export type OnPremisesPublishingType = + | "applicationProxy" + | "exchangeOnline" + | "authentication" + | "provisioning" + | "intunePfx" + | "oflineDomainJoin" + | "unknownFutureValue"; +export type OpenIdConnectResponseMode = "form_post" | "query" | "unknownFutureValue"; +export type OpenIdConnectResponseTypes = "code" | "id_token" | "token"; +export type OperatingSystemUpgradeEligibility = "upgraded" | "unknown" | "notCapable" | "capable" | "unknownFutureValue"; +export type OperationApprovalPolicyPlatform = + | "notApplicable" + | "androidDeviceAdministrator" + | "androidEnterprise" + | "iOSiPadOS" + | "macOS" + | "windows10AndLater" + | "windows81AndLater" + | "windows10X" + | "unknownFutureValue"; +export type OperationApprovalPolicyType = + | "unknown" + | "deviceAction" + | "deviceWipe" + | "deviceRetire" + | "deviceRetireNonCompliant" + | "deviceDelete" + | "deviceLock" + | "deviceErase" + | "deviceDisableActivationLock" + | "windowsEnrollment" + | "compliancePolicy" + | "configurationPolicy" + | "appProtectionPolicy" + | "policySet" + | "filter" + | "endpointSecurityPolicy" + | "app" + | "script" + | "role" + | "deviceResetPasscode" + | "customOrganizationalMessage" + | "unknownFutureValue"; +export type OperationApprovalRequestStatus = + | "unknown" + | "needsApproval" + | "approved" + | "rejected" + | "cancelled" + | "completed" + | "expired" + | "unknownFutureValue"; +export type OperationApprovalSource = "unknown" | "adminConsole" | "email" | "unknownFutureValue"; +export type OperationResult = "success" | "failure" | "timeout" | "unknownFutureValue"; +export type OperationStatus = "NotStarted" | "Running" | "Completed" | "Failed"; export type Operator = | "none" | "and" @@ -2624,8 +3189,194 @@ export type Operator = | "orderedSetEquals" | "subsetOf" | "excludesAll"; +export type OriginalTransferMethods = "none" | "deviceCodeFlow" | "authenticationTransfer" | "unknownFutureValue"; +export type OutlierContainerType = "group" | "unknownFutureValue"; +export type OutlierMemberType = "user" | "unknownFutureValue"; +export type OwnerType = "unknown" | "company" | "personal"; +export type PageLayoutType = "microsoftReserved" | "article" | "home" | "unknownFutureValue"; +export type PageOrientation = "horizontal" | "diagonal"; +export type PagePromotionType = "microsoftReserved" | "page" | "newsPost" | "unknownFutureValue"; +export type PartnerTenantType = + | "microsoftSupport" + | "syndicatePartner" + | "breadthPartner" + | "breadthPartnerDelegatedAdmin" + | "resellerPartnerDelegatedAdmin" + | "valueAddedResellerPartnerDelegatedAdmin" + | "unknownFutureValue"; +export type PayloadBrand = + | "unknown" + | "other" + | "americanExpress" + | "capitalOne" + | "dhl" + | "docuSign" + | "dropbox" + | "facebook" + | "firstAmerican" + | "microsoft" + | "netflix" + | "scotiabank" + | "sendGrid" + | "stewartTitle" + | "tesco" + | "wellsFargo" + | "syrinxCloud" + | "adobe" + | "teams" + | "zoom" + | "unknownFutureValue"; +export type PayloadComplexity = "unknown" | "low" | "medium" | "high" | "unknownFutureValue"; +export type PayloadDeliveryPlatform = "unknown" | "sms" | "email" | "teams" | "unknownFutureValue"; +export type PayloadIndustry = + | "unknown" + | "other" + | "banking" + | "businessServices" + | "consumerServices" + | "education" + | "energy" + | "construction" + | "consulting" + | "financialServices" + | "government" + | "hospitality" + | "insurance" + | "legal" + | "courierServices" + | "IT" + | "healthcare" + | "manufacturing" + | "retail" + | "telecom" + | "realEstate" + | "unknownFutureValue"; +export type PayloadTheme = + | "unknown" + | "other" + | "accountActivation" + | "accountVerification" + | "billing" + | "cleanUpMail" + | "controversial" + | "documentReceived" + | "expense" + | "fax" + | "financeReport" + | "incomingMessages" + | "invoice" + | "itemReceived" + | "loginAlert" + | "mailReceived" + | "password" + | "payment" + | "payroll" + | "personalizedOffer" + | "quarantine" + | "remoteWork" + | "reviewMessage" + | "securityUpdate" + | "serviceSuspended" + | "signatureRequired" + | "upgradeMailboxStorage" + | "verifyMailbox" + | "voicemail" + | "advertisement" + | "employeeEngagement" + | "unknownFutureValue"; export type PerfectForwardSecrecyGroup = "pfs1" | "pfs2" | "pfs2048" | "ecp256" | "ecp384" | "pfsMM" | "pfs24"; +export type PermissionClassificationType = "low" | "medium" | "high" | "unknownFutureValue"; +export type PermissionsDefinitionIdentityType = + | "user" + | "role" + | "application" + | "managedIdentity" + | "serviceAccount" + | "unknownFutureValue"; +export type PermissionsModificationCapability = + | "enabled" + | "notConfigured" + | "noRecentDataCollected" + | "unknownFutureValue"; +export type PermissionsRequestOccurrenceStatus = + | "grantingFailed" + | "granted" + | "granting" + | "revoked" + | "revoking" + | "revokingFailed" + | "unknownFutureValue"; +export type PermissionType = "application" | "delegated" | "delegatedUserConsentable"; +export type PersistentBrowserSessionMode = "always" | "never"; export type PersonalProfilePersonalPlayStoreMode = "notConfigured" | "blockedApps" | "allowedApps"; +export type PersonAnnualEventType = "birthday" | "wedding" | "work" | "other" | "unknownFutureValue"; +export type PersonRelationship = + | "manager" + | "colleague" + | "directReport" + | "dotLineReport" + | "assistant" + | "dotLineManager" + | "alternateContact" + | "friend" + | "spouse" + | "sibling" + | "child" + | "parent" + | "sponsor" + | "emergencyContact" + | "other" + | "unknownFutureValue"; +export type PhoneType = + | "home" + | "business" + | "mobile" + | "other" + | "assistant" + | "homeFax" + | "businessFax" + | "otherFax" + | "pager" + | "radio"; +export type PhysicalAddressType = "unknown" | "home" | "business" | "other"; +export type PlannerApprovalStatus = "requested" | "approved" | "rejected" | "cancelled" | "unknownFutureValue"; +export type PlannerContainerType = "group" | "unknownFutureValue" | "roster" | "project" | "driveItem" | "user"; +export type PlannerContextState = "active" | "delinked" | "unknownFutureValue"; +export type PlannerCreationSourceKind = "none" | "external" | "publication" | "unknownFutureValue"; +export type PlannerExternalTaskSourceDisplayType = "none" | "default" | "unknownFutureValue"; +export type PlannerPlanAccessLevel = "readAccess" | "readWriteAccess" | "fullAccess" | "unknownFutureValue"; +export type PlannerPlanContextType = + | "teamsTab" + | "sharePointPage" + | "meetingNotes" + | "other" + | "unknownFutureValue" + | "loopPage" + | "project"; +export type PlannerPreviewType = "automatic" | "noPreview" | "checklist" | "description" | "reference"; +export type PlannerRelationshipUserRoles = + | "defaultRules" + | "groupOwners" + | "groupMembers" + | "taskAssignees" + | "applications" + | "unknownFutureValue"; +export type PlannerRuleKind = "taskRule" | "bucketRule" | "planRule" | "unknownFutureValue"; +export type PlannerTaskCompletionRequirements = + | "none" + | "checklistCompletion" + | "unknownFutureValue" + | "formCompletion" + | "approvalCompletion" + | "completionInHostedApp"; +export type PlannerTaskTargetKind = "group" | "unknownFutureValue"; +export type PlannerUserRoleKind = "relationship" | "unknownFutureValue"; +export type Platform = "unknown" | "ios" | "android" | "windows" | "windowsMobile" | "macOS"; +export type PlayPromptCompletionReason = + | "unknown" + | "completedSuccessfully" + | "mediaOperationCanceled" + | "unknownFutureValue"; export type PolicyPlatformType = | "android" | "androidForWork" @@ -2638,1659 +3389,11 @@ export type PolicyPlatformType = | "windows10XProfile" | "androidAOSP" | "all"; +export type PolicyScope = "none" | "all" | "selected" | "unknownFutureValue"; +export type PolicySetStatus = "unknown" | "validating" | "partialSuccess" | "success" | "error" | "notAssigned"; +export type PostType = "regular" | "quick" | "strategic" | "unknownFutureValue"; export type PowerActionType = "notConfigured" | "noAction" | "sleep" | "hibernate" | "shutdown"; export type PrereleaseFeatures = "userDefined" | "settingsOnly" | "settingsAndExperimentations" | "notAllowed"; -export type RatingAppsType = "allAllowed" | "allBlocked" | "agesAbove4" | "agesAbove9" | "agesAbove12" | "agesAbove17"; -export type RatingAustraliaMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "parentalGuidance" - | "mature" - | "agesAbove15" - | "agesAbove18"; -export type RatingAustraliaTelevisionType = - | "allAllowed" - | "allBlocked" - | "preschoolers" - | "children" - | "general" - | "parentalGuidance" - | "mature" - | "agesAbove15" - | "agesAbove15AdultViolence"; -export type RatingCanadaMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "parentalGuidance" - | "agesAbove14" - | "agesAbove18" - | "restricted"; -export type RatingCanadaTelevisionType = - | "allAllowed" - | "allBlocked" - | "children" - | "childrenAbove8" - | "general" - | "parentalGuidance" - | "agesAbove14" - | "agesAbove18"; -export type RatingFranceMoviesType = - | "allAllowed" - | "allBlocked" - | "agesAbove10" - | "agesAbove12" - | "agesAbove16" - | "agesAbove18"; -export type RatingFranceTelevisionType = - | "allAllowed" - | "allBlocked" - | "agesAbove10" - | "agesAbove12" - | "agesAbove16" - | "agesAbove18"; -export type RatingGermanyMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "agesAbove6" - | "agesAbove12" - | "agesAbove16" - | "adults"; -export type RatingGermanyTelevisionType = - | "allAllowed" - | "allBlocked" - | "general" - | "agesAbove6" - | "agesAbove12" - | "agesAbove16" - | "adults"; -export type RatingIrelandMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "parentalGuidance" - | "agesAbove12" - | "agesAbove15" - | "agesAbove16" - | "adults"; -export type RatingIrelandTelevisionType = - | "allAllowed" - | "allBlocked" - | "general" - | "children" - | "youngAdults" - | "parentalSupervision" - | "mature"; -export type RatingJapanMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "parentalGuidance" - | "agesAbove15" - | "agesAbove18"; -export type RatingJapanTelevisionType = "allAllowed" | "allBlocked" | "explicitAllowed"; -export type RatingNewZealandMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "parentalGuidance" - | "mature" - | "agesAbove13" - | "agesAbove15" - | "agesAbove16" - | "agesAbove18" - | "restricted" - | "agesAbove16Restricted"; -export type RatingNewZealandTelevisionType = "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "adults"; -export type RatingUnitedKingdomMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "universalChildren" - | "parentalGuidance" - | "agesAbove12Video" - | "agesAbove12Cinema" - | "agesAbove15" - | "adults"; -export type RatingUnitedKingdomTelevisionType = "allAllowed" | "allBlocked" | "caution"; -export type RatingUnitedStatesMoviesType = - | "allAllowed" - | "allBlocked" - | "general" - | "parentalGuidance" - | "parentalGuidance13" - | "restricted" - | "adults"; -export type RatingUnitedStatesTelevisionType = - | "allAllowed" - | "allBlocked" - | "childrenAll" - | "childrenAbove7" - | "general" - | "parentalGuidance" - | "childrenAbove14" - | "adults"; -export type RequiredPasswordType = "deviceDefault" | "alphanumeric" | "numeric"; -export type RestrictedAppsState = "prohibitedApps" | "notApprovedApps"; -export type RunState = "unknown" | "success" | "fail" | "scriptError" | "pending" | "notApplicable"; -export type SafeSearchFilterType = "userDefined" | "strict" | "moderate"; -export type ScheduledRetireState = "cancelRetire" | "confirmRetire" | "unknownFutureValue"; -export type SecureAssessmentAccountType = "azureADAccount" | "domainAccount" | "localAccount" | "localGuestAccount"; -export type SecureBootWithDMAType = "notConfigured" | "withoutDMA" | "withDMA"; -export type ServiceStartType = "manual" | "automatic" | "disabled"; -export type SettingSourceType = "deviceConfiguration" | "deviceIntent"; -export type SharedPCAccountDeletionPolicyType = - | "immediate" - | "diskSpaceThreshold" - | "diskSpaceThresholdOrInactiveThreshold"; -export type SharedPCAllowedAccountType = "notConfigured" | "guest" | "domain"; -export type SignInAssistantOptions = "notConfigured" | "disabled"; -export type SiteSecurityLevel = "userDefined" | "low" | "mediumLow" | "medium" | "mediumHigh" | "high"; -export type StateManagementSetting = "notConfigured" | "blocked" | "allowed"; -export type SubjectAlternativeNameType = - | "none" - | "emailAddress" - | "userPrincipalName" - | "customAzureADAttribute" - | "domainNameService" - | "universalResourceIdentifier"; -export type SubjectNameFormat = - | "commonName" - | "commonNameIncludingEmail" - | "commonNameAsEmail" - | "custom" - | "commonNameAsIMEI" - | "commonNameAsSerialNumber" - | "commonNameAsAadDeviceId" - | "commonNameAsIntuneDeviceId" - | "commonNameAsDurableDeviceId"; -export type UpdateClassification = "userDefined" | "recommendedAndImportant" | "important" | "none"; -export type UserEmailSource = "userPrincipalName" | "primarySmtpAddress"; -export type UsernameSource = "userPrincipalName" | "primarySmtpAddress" | "samAccountName"; -export type VisibilitySetting = "notConfigured" | "hide" | "show"; -export type VpnAuthenticationMethod = - | "certificate" - | "usernameAndPassword" - | "sharedSecret" - | "derivedCredential" - | "azureAD"; -export type VpnClientAuthenticationType = "userAuthentication" | "deviceAuthentication"; -export type VpnDeadPeerDetectionRate = "medium" | "none" | "low" | "high"; -export type VpnEncryptionAlgorithmType = - | "aes256" - | "des" - | "tripleDes" - | "aes128" - | "aes128Gcm" - | "aes256Gcm" - | "aes192" - | "aes192Gcm" - | "chaCha20Poly1305"; -export type VpnIntegrityAlgorithmType = "sha2_256" | "sha1_96" | "sha1_160" | "sha2_384" | "sha2_512" | "md5"; -export type VpnLocalIdentifier = "deviceFQDN" | "empty" | "clientCertificateSubjectName"; -export type VpnOnDemandRuleConnectionAction = "connect" | "evaluateConnection" | "ignore" | "disconnect"; -export type VpnOnDemandRuleConnectionDomainAction = "connectIfNeeded" | "neverConnect"; -export type VpnOnDemandRuleInterfaceTypeMatch = "notConfigured" | "ethernet" | "wiFi" | "cellular"; -export type VpnProviderType = "notConfigured" | "appProxy" | "packetTunnel"; -export type VpnServerCertificateType = "rsa" | "ecdsa256" | "ecdsa384" | "ecdsa521"; -export type VpnServiceExceptionAction = "forceTrafficViaVPN" | "allowTrafficOutside" | "dropTraffic"; -export type VpnTrafficDirection = "outbound" | "inbound" | "unknownFutureValue"; -export type VpnTrafficRuleAppType = "none" | "desktop" | "universal"; -export type VpnTrafficRuleRoutingPolicyType = "none" | "splitTunnel" | "forceTunnel"; -export type VpnTunnelConfigurationType = "wifiAndCellular" | "cellular" | "wifi"; -export type WebBrowserCookieSettings = - | "browserDefault" - | "blockAlways" - | "allowCurrentWebSite" - | "allowFromWebsitesVisited" - | "allowAlways"; -export type WeeklySchedule = - | "userDefined" - | "everyday" - | "sunday" - | "monday" - | "tuesday" - | "wednesday" - | "thursday" - | "friday" - | "saturday" - | "noScheduledScan"; -export type WelcomeScreenMeetingInformation = - | "userDefined" - | "showOrganizerAndTimeOnly" - | "showOrganizerAndTimeAndSubject"; -export type WiFiAuthenticationMethod = "certificate" | "usernameAndPassword" | "derivedCredential"; -export type WifiAuthenticationType = "none" | "user" | "machine" | "machineOrUser" | "guest"; -export type WiFiProxySetting = "none" | "manual" | "automatic" | "unknownFutureValue"; -export type WiFiSecurityType = "open" | "wpaPersonal" | "wpaEnterprise" | "wep" | "wpa2Personal" | "wpa2Enterprise"; -export type Windows10AppsUpdateRecurrence = "none" | "daily" | "weekly" | "monthly"; -export type Windows10AppType = "desktop" | "universal"; -export type Windows10DeviceModeType = "standardConfiguration" | "sModeConfiguration"; -export type Windows10EditionType = - | "windows10Enterprise" - | "windows10EnterpriseN" - | "windows10Education" - | "windows10EducationN" - | "windows10MobileEnterprise" - | "windows10HolographicEnterprise" - | "windows10Professional" - | "windows10ProfessionalN" - | "windows10ProfessionalEducation" - | "windows10ProfessionalEducationN" - | "windows10ProfessionalWorkstation" - | "windows10ProfessionalWorkstationN" - | "notConfigured" - | "windows10Home" - | "windows10HomeChina" - | "windows10HomeN" - | "windows10HomeSingleLanguage" - | "windows10Mobile" - | "windows10IoTCore" - | "windows10IoTCoreCommercial"; -export type Windows10VpnAuthenticationMethod = - | "certificate" - | "usernameAndPassword" - | "customEapXml" - | "derivedCredential"; -export type Windows10VpnConnectionType = - | "pulseSecure" - | "f5EdgeClient" - | "dellSonicWallMobileConnect" - | "checkPointCapsuleVpn" - | "automatic" - | "ikEv2" - | "l2tp" - | "pptp" - | "citrix" - | "paloAltoGlobalProtect" - | "ciscoAnyConnect" - | "unknownFutureValue" - | "microsoftTunnel"; -export type Windows10VpnProfileTarget = "user" | "device" | "autoPilotDevice"; -export type WindowsAppStartLayoutTileSize = "hidden" | "small" | "medium" | "wide" | "large"; -export type WindowsDefenderTamperProtectionOptions = "notConfigured" | "enable" | "disable"; -export type WindowsDeliveryOptimizationMode = - | "userDefined" - | "httpOnly" - | "httpWithPeeringNat" - | "httpWithPeeringPrivateGroup" - | "httpWithInternetPeering" - | "simpleDownload" - | "bypassMode"; -export type WindowsEdgeKioskType = "publicBrowsing" | "fullScreen"; -export type WindowsFirewallRuleInterfaceTypes = "notConfigured" | "remoteAccess" | "wireless" | "lan"; -export type WindowsFirewallRuleNetworkProfileTypes = "notConfigured" | "domain" | "private" | "public"; -export type WindowsFirewallRuleTrafficDirectionType = "notConfigured" | "out" | "in"; -export type WindowsHealthMonitoringScope = - | "undefined" - | "healthMonitoring" - | "bootPerformance" - | "windowsUpdates" - | "privilegeManagement"; -export type WindowsKioskAppType = "unknown" | "store" | "desktop" | "aumId"; -export type WindowsPrivacyDataAccessLevel = "notConfigured" | "forceAllow" | "forceDeny" | "userInControl"; -export type WindowsPrivacyDataCategory = - | "notConfigured" - | "accountInfo" - | "appsRunInBackground" - | "calendar" - | "callHistory" - | "camera" - | "contacts" - | "diagnosticsInfo" - | "email" - | "location" - | "messaging" - | "microphone" - | "motion" - | "notifications" - | "phone" - | "radios" - | "tasks" - | "syncWithDevices" - | "trustedDevices"; -export type WindowsSModeConfiguration = "noRestriction" | "block" | "unlock"; -export type WindowsSpotlightEnablementSettings = "notConfigured" | "disabled" | "enabled"; -export type WindowsStartMenuAppListVisibilityType = "userDefined" | "collapse" | "remove" | "disableSettingsApp"; -export type WindowsStartMenuModeType = "userDefined" | "fullScreen" | "nonFullScreen"; -export type WindowsUpdateForBusinessUpdateWeeks = - | "userDefined" - | "firstWeek" - | "secondWeek" - | "thirdWeek" - | "fourthWeek" - | "everyWeek" - | "unknownFutureValue"; -export type WindowsUpdateNotificationDisplayOption = - | "notConfigured" - | "defaultNotifications" - | "restartWarningsOnly" - | "disableAllNotifications" - | "unknownFutureValue"; -export type WindowsUpdateStatus = "upToDate" | "pendingInstallation" | "pendingReboot" | "failed"; -export type WindowsUpdateType = - | "userDefined" - | "all" - | "businessReadyOnly" - | "windowsInsiderBuildFast" - | "windowsInsiderBuildSlow" - | "windowsInsiderBuildRelease"; -export type WindowsUserAccountControlSettings = - | "userDefined" - | "alwaysNotify" - | "notifyOnAppChanges" - | "notifyOnAppChangesWithoutDimming" - | "neverNotify"; -export type WindowsVpnConnectionType = - | "pulseSecure" - | "f5EdgeClient" - | "dellSonicWallMobileConnect" - | "checkPointCapsuleVpn"; -export type WiredNetworkAuthenticationMethod = - | "certificate" - | "usernameAndPassword" - | "derivedCredential" - | "unknownFutureValue"; -export type WiredNetworkAuthenticationType = - | "none" - | "user" - | "machine" - | "machineOrUser" - | "guest" - | "unknownFutureValue"; -export type WiredNetworkInterface = - | "anyEthernet" - | "firstActiveEthernet" - | "secondActiveEthernet" - | "thirdActiveEthernet" - | "firstEthernet" - | "secondEthernet" - | "thirdEthernet"; -export type DeviceManagementComplianceActionType = - | "noAction" - | "notification" - | "block" - | "retire" - | "wipe" - | "removeResourceAccessProfiles" - | "pushNotification" - | "remoteLock"; -export type DeviceManagementConfigurationAzureAdTrustType = "none" | "azureAdJoined" | "addWorkAccount" | "mdmOnly"; -export type DeviceManagementConfigurationControlType = - | "default" - | "dropdown" - | "smallTextBox" - | "largeTextBox" - | "toggle" - | "multiheaderGrid" - | "contextPane" - | "unknownFutureValue"; -export type DeviceManagementConfigurationDeviceMode = "none" | "kiosk"; -export type DeviceManagementConfigurationPlatforms = - | "none" - | "android" - | "iOS" - | "macOS" - | "windows10X" - | "windows10" - | "linux" - | "unknownFutureValue"; -export type DeviceManagementConfigurationSecretSettingValueState = "invalid" | "notEncrypted" | "encryptedValueToken"; -export type DeviceManagementConfigurationSettingAccessTypes = - | "none" - | "add" - | "copy" - | "delete" - | "get" - | "replace" - | "execute"; -export type DeviceManagementConfigurationSettingUsage = "none" | "configuration" | "compliance" | "unknownFutureValue"; -export type DeviceManagementConfigurationSettingVisibility = - | "none" - | "settingsCatalog" - | "template" - | "unknownFutureValue"; -export type DeviceManagementConfigurationStringFormat = - | "none" - | "email" - | "guid" - | "ip" - | "base64" - | "url" - | "version" - | "xml" - | "date" - | "time" - | "binary" - | "regEx" - | "json" - | "dateTime" - | "surfaceHub" - | "bashScript" - | "unknownFutureValue"; -export type DeviceManagementConfigurationTechnologies = - | "none" - | "mdm" - | "windows10XManagement" - | "configManager" - | "appleRemoteManagement" - | "microsoftSense" - | "exchangeOnline" - | "mobileApplicationManagement" - | "linuxMdm" - | "enrollment" - | "endpointPrivilegeManagement" - | "unknownFutureValue"; -export type DeviceManagementConfigurationTemplateFamily = - | "none" - | "endpointSecurityAntivirus" - | "endpointSecurityDiskEncryption" - | "endpointSecurityFirewall" - | "endpointSecurityEndpointDetectionAndResponse" - | "endpointSecurityAttackSurfaceReduction" - | "endpointSecurityAccountProtection" - | "endpointSecurityApplicationControl" - | "endpointSecurityEndpointPrivilegeManagement" - | "enrollmentConfiguration" - | "appQuietTime" - | "baseline" - | "unknownFutureValue" - | "deviceConfigurationScripts" - | "deviceConfigurationPolicies" - | "companyPortal"; -export type DeviceManagementConfigurationWindowsSkus = - | "unknown" - | "windowsHome" - | "windowsProfessional" - | "windowsEnterprise" - | "windowsEducation" - | "windowsMobile" - | "windowsMobileEnterprise" - | "windowsTeamSurface" - | "iot" - | "iotEnterprise" - | "holoLens" - | "holoLensEnterprise" - | "holographicForBusiness" - | "windowsMultiSession" - | "surfaceHub"; -export type DeviceManagementTemplateLifecycleState = - | "invalid" - | "draft" - | "active" - | "superseded" - | "deprecated" - | "retired"; -export type CompanyPortalAction = "unknown" | "remove" | "reset"; -export type DeviceEnrollmentConfigurationType = - | "unknown" - | "limit" - | "platformRestrictions" - | "windowsHelloForBusiness" - | "defaultLimit" - | "defaultPlatformRestrictions" - | "defaultWindowsHelloForBusiness" - | "defaultWindows10EnrollmentCompletionPageConfiguration" - | "windows10EnrollmentCompletionPageConfiguration" - | "deviceComanagementAuthorityConfiguration" - | "singlePlatformRestriction" - | "unknownFutureValue" - | "enrollmentNotificationsConfiguration"; -export type DeviceManagementExchangeAccessLevel = "none" | "allow" | "block" | "quarantine"; -export type DeviceManagementExchangeAccessRuleType = "family" | "model"; -export type DeviceManagementExchangeConnectorStatus = - | "none" - | "connectionPending" - | "connected" - | "disconnected" - | "unknownFutureValue"; -export type DeviceManagementExchangeConnectorSyncType = "fullSync" | "deltaSync"; -export type DeviceManagementExchangeConnectorType = - | "onPremises" - | "hosted" - | "serviceToService" - | "dedicated" - | "unknownFutureValue"; -export type DeviceManagementPartnerAppType = "unknown" | "singleTenantApp" | "multiTenantApp"; -export type DeviceManagementPartnerTenantState = - | "unknown" - | "unavailable" - | "enabled" - | "terminated" - | "rejected" - | "unresponsive"; -export type EnrollmentAvailabilityOptions = "availableWithPrompts" | "availableWithoutPrompts" | "unavailable"; -export type EnrollmentNotificationBrandingOptions = - | "none" - | "includeCompanyLogo" - | "includeCompanyName" - | "includeContactInformation" - | "includeCompanyPortalLink" - | "includeDeviceDetails" - | "unknownFutureValue"; -export type EnrollmentNotificationTemplateType = "email" | "push" | "unknownFutureValue"; -export type EnrollmentRestrictionPlatformType = - | "allPlatforms" - | "ios" - | "windows" - | "windowsPhone" - | "android" - | "androidForWork" - | "mac" - | "linux" - | "unknownFutureValue"; -export type MdmAuthority = "unknown" | "intune" | "sccm" | "office365"; -export type MicrosoftStoreForBusinessPortalSelectionOptions = "none" | "companyPortal" | "privateStore"; -export type MobileThreatPartnerTenantState = - | "unavailable" - | "available" - | "enabled" - | "unresponsive" - | "notSetUp" - | "error" - | "unknownFutureValue"; -export type OwnerType = "unknown" | "company" | "personal"; -export type VppTokenState = - | "unknown" - | "valid" - | "expired" - | "invalid" - | "assignedToExternalMDM" - | "duplicateLocationId"; -export type VppTokenSyncStatus = "none" | "inProgress" | "completed" | "failed"; -export type WindowsHelloForBusinessPinUsage = "allowed" | "required" | "disallowed"; -export type DeviceManagementComparisonResult = "unknown" | "equal" | "notEqual" | "added" | "removed"; -export type DeviceManagementTemplateSubtype = - | "none" - | "firewall" - | "diskEncryption" - | "attackSurfaceReduction" - | "endpointDetectionReponse" - | "accountProtection" - | "antivirus" - | "firewallSharedAppList" - | "firewallSharedIpList" - | "firewallSharedPortlist"; -export type DeviceManagementTemplateType = - | "securityBaseline" - | "specializedDevices" - | "advancedThreatProtectionSecurityBaseline" - | "deviceConfiguration" - | "custom" - | "securityTemplate" - | "microsoftEdgeSecurityBaseline" - | "microsoftOffice365ProPlusSecurityBaseline" - | "deviceCompliance" - | "deviceConfigurationForOffice365" - | "cloudPC" - | "firewallSharedSettings"; -export type DeviceManangementIntentValueType = - | "integer" - | "boolean" - | "string" - | "complex" - | "collection" - | "abstractComplex"; -export type SecurityBaselineComplianceState = - | "unknown" - | "secure" - | "notApplicable" - | "notSecure" - | "error" - | "conflict"; -export type SecurityBaselinePolicySourceType = "deviceConfiguration" | "deviceIntent"; -export type AdminConsentState = "notConfigured" | "granted" | "notGranted"; -export type AppLogDecryptionAlgorithm = "aes256" | "unknownFutureValue"; -export type AppLogUploadState = "pending" | "completed" | "failed" | "unknownFutureValue"; -export type AzureAttestationSettingStatus = "notApplicable" | "enabled" | "disabled" | "unknownFutureValue"; -export type ChassisType = - | "unknown" - | "desktop" - | "laptop" - | "worksWorkstation" - | "enterpriseServer" - | "phone" - | "tablet" - | "mobileOther" - | "mobileUnknown"; -export type ComanagementEligibleType = - | "comanaged" - | "eligible" - | "eligibleButNotAzureAdJoined" - | "needsOsUpdate" - | "ineligible" - | "scheduledForEnrollment" - | "unknownFutureValue"; -export type ComplianceState = - | "unknown" - | "compliant" - | "noncompliant" - | "conflict" - | "error" - | "inGracePeriod" - | "configManager"; -export type ConfigurationManagerActionDeliveryStatus = - | "unknown" - | "pendingDelivery" - | "deliveredToConnectorService" - | "failedToDeliverToConnectorService" - | "deliveredToOnPremisesServer"; -export type ConfigurationManagerActionType = - | "refreshMachinePolicy" - | "refreshUserPolicy" - | "wakeUpClient" - | "appEvaluation" - | "quickScan" - | "fullScan" - | "windowsDefenderUpdateSignatures"; -export type ConfigurationManagerClientState = - | "unknown" - | "installed" - | "healthy" - | "installFailed" - | "updateFailed" - | "communicationError"; -export type DetectedAppPlatformType = - | "unknown" - | "windows" - | "windowsMobile" - | "windowsHolographic" - | "ios" - | "macOS" - | "chromeOS" - | "androidOSP" - | "androidDeviceAdministrator" - | "androidWorkProfile" - | "androidDedicatedAndFullyManaged" - | "unknownFutureValue"; -export type DeviceCustomAttributeValueType = "integer" | "string" | "dateTime"; -export type DeviceEnrollmentType = - | "unknown" - | "userEnrollment" - | "deviceEnrollmentManager" - | "appleBulkWithUser" - | "appleBulkWithoutUser" - | "windowsAzureADJoin" - | "windowsBulkUserless" - | "windowsAutoEnrollment" - | "windowsBulkAzureDomainJoin" - | "windowsCoManagement" - | "windowsAzureADJoinUsingDeviceAuth" - | "appleUserEnrollment" - | "appleUserEnrollmentWithServiceAccount" - | "azureAdJoinUsingAzureVmExtension" - | "androidEnterpriseDedicatedDevice" - | "androidEnterpriseFullyManaged" - | "androidEnterpriseCorporateWorkProfile"; -export type DeviceEventLevel = - | "none" - | "verbose" - | "information" - | "warning" - | "error" - | "critical" - | "unknownFutureValue"; -export type DeviceGuardLocalSystemAuthorityCredentialGuardState = - | "running" - | "rebootRequired" - | "notLicensed" - | "notConfigured" - | "virtualizationBasedSecurityNotRunning"; -export type DeviceGuardVirtualizationBasedSecurityHardwareRequirementState = - | "meetHardwareRequirements" - | "secureBootRequired" - | "dmaProtectionRequired" - | "hyperVNotSupportedForGuestVM" - | "hyperVNotAvailable"; -export type DeviceGuardVirtualizationBasedSecurityState = - | "running" - | "rebootRequired" - | "require64BitArchitecture" - | "notLicensed" - | "notConfigured" - | "doesNotMeetHardwareRequirements" - | "other"; -export type DeviceHealthScriptType = "deviceHealthScript" | "managedInstallerScript"; -export type DeviceIdentityAttestationStatus = - | "unknown" - | "trusted" - | "unTrusted" - | "notSupported" - | "incompleteData" - | "unknownFutureValue"; -export type DeviceLicensingStatus = - | "unknown" - | "licenseRefreshStarted" - | "licenseRefreshPending" - | "deviceIsNotAzureActiveDirectoryJoined" - | "verifyingMicrosoftDeviceIdentity" - | "deviceIdentityVerificationFailed" - | "verifyingMicrosoftAccountIdentity" - | "microsoftAccountVerificationFailed" - | "acquiringDeviceLicense" - | "refreshingDeviceLicense" - | "deviceLicenseRefreshSucceed" - | "deviceLicenseRefreshFailed" - | "removingDeviceLicense" - | "deviceLicenseRemoveSucceed" - | "deviceLicenseRemoveFailed" - | "unknownFutureValue"; -export type DeviceLogCollectionTemplateType = "predefined" | "unknownFutureValue"; -export type DeviceManagementExchangeAccessState = "none" | "unknown" | "allowed" | "blocked" | "quarantined"; -export type DeviceManagementExchangeAccessStateReason = - | "none" - | "unknown" - | "exchangeGlobalRule" - | "exchangeIndividualRule" - | "exchangeDeviceRule" - | "exchangeUpgrade" - | "exchangeMailboxPolicy" - | "other" - | "compliant" - | "notCompliant" - | "notEnrolled" - | "unknownLocation" - | "mfaRequired" - | "azureADBlockDueToAccessPolicy" - | "compromisedPassword" - | "deviceNotKnownWithManagedApp"; -export type DeviceManagementSubscriptions = - | "none" - | "intune" - | "office365" - | "intunePremium" - | "intune_EDU" - | "intune_SMB"; -export type DeviceManagementSubscriptionState = - | "pending" - | "active" - | "warning" - | "disabled" - | "deleted" - | "blocked" - | "lockedOut"; -export type DeviceRegistrationState = - | "notRegistered" - | "registered" - | "revoked" - | "keyConflict" - | "approvalPending" - | "certificateReset" - | "notRegisteredPendingEnrollment" - | "unknown"; -export type DeviceScopeAction = undefined; -export type DeviceScopeActionStatus = "failed" | "succeeded" | "unknownFutureValue"; -export type DeviceScopeOperator = "none" | "equals" | "unknownFutureValue"; -export type DeviceScopeParameter = "none" | "scopeTag" | "unknownFutureValue"; -export type DeviceScopeStatus = "none" | "computing" | "insufficientData" | "completed" | "unknownFutureValue"; -export type DiskType = "unknown" | "hdd" | "ssd" | "unknownFutureValue"; -export type FirmwareProtectionType = - | "notApplicable" - | "systemGuardSecureLaunch" - | "firmwareAttackSurfaceReduction" - | "disabled" - | "unknownFutureValue"; -export type GlobalDeviceHealthScriptState = "notConfigured" | "pending" | "enabled"; -export type HealthState = "unknown" | "healthy" | "unhealthy"; -export type JoinType = "unknown" | "azureADJoined" | "azureADRegistered" | "hybridAzureADJoined"; -export type LostModeState = "disabled" | "enabled"; -export type ManagedDeviceArchitecture = "unknown" | "x86" | "x64" | "arm" | "arM64"; -export type ManagedDeviceManagementFeatures = "none" | "microsoftManagedDesktop"; -export type ManagedDevicePartnerReportedHealthState = - | "unknown" - | "activated" - | "deactivated" - | "secured" - | "lowSeverity" - | "mediumSeverity" - | "highSeverity" - | "unresponsive" - | "compromised" - | "misconfigured"; -export type ManagedDeviceRemoteAction = - | "retire" - | "delete" - | "fullScan" - | "quickScan" - | "signatureUpdate" - | "wipe" - | "customTextNotification" - | "rebootNow" - | "setDeviceName" - | "syncDevice" - | "deprovision" - | "disable" - | "reenable" - | "moveDeviceToOrganizationalUnit" - | "activateDeviceEsim" - | "collectDiagnostics" - | "initiateMobileDeviceManagementKeyRecovery" - | "initiateOnDemandProactiveRemediation" - | "unknownFutureValue"; -export type ManagedInstallerStatus = "disabled" | "enabled"; -export type ManagementState = - | "managed" - | "retirePending" - | "retireFailed" - | "wipePending" - | "wipeFailed" - | "unhealthy" - | "deletePending" - | "retireIssued" - | "wipeIssued" - | "wipeCanceled" - | "retireCanceled" - | "discovered"; -export type ObliterationBehavior = - | "default" - | "doNotObliterate" - | "obliterateWithWarning" - | "always" - | "unknownFutureValue"; -export type OperatingSystemUpgradeEligibility = "upgraded" | "unknown" | "notCapable" | "capable" | "unknownFutureValue"; -export type PrivilegeManagementElevationType = - | "undetermined" - | "unmanagedElevation" - | "zeroTouchElevation" - | "userConfirmedElevation" - | "supportApprovedElevation" - | "unknownFutureValue"; -export type PrivilegeManagementEndUserType = "undetermined" | "azureAd" | "hybrid" | "local" | "unknownFutureValue"; -export type PrivilegeManagementProcessType = "undefined" | "parent" | "child" | "unknownFutureValue"; -export type RemediationState = - | "unknown" - | "skipped" - | "success" - | "remediationFailed" - | "scriptError" - | "unknownFutureValue"; -export type RemoteAction = - | "unknown" - | "factoryReset" - | "removeCompanyData" - | "resetPasscode" - | "remoteLock" - | "enableLostMode" - | "disableLostMode" - | "locateDevice" - | "rebootNow" - | "recoverPasscode" - | "cleanWindowsDevice" - | "logoutSharedAppleDeviceActiveUser" - | "quickScan" - | "fullScan" - | "windowsDefenderUpdateSignatures" - | "factoryResetKeepEnrollmentData" - | "updateDeviceAccount" - | "automaticRedeployment" - | "shutDown" - | "rotateBitLockerKeys" - | "rotateFileVaultKey" - | "getFileVaultKey" - | "setDeviceName" - | "activateDeviceEsim" - | "deprovision" - | "disable" - | "reenable" - | "moveDeviceToOrganizationalUnit" - | "initiateMobileDeviceManagementKeyRecovery" - | "initiateOnDemandProactiveRemediation" - | "rotateLocalAdminPassword" - | "unknownFutureValue" - | "launchRemoteHelp" - | "revokeAppleVppLicenses" - | "removeDeviceFirmwareConfigurationInterfaceManagement" - | "pauseConfigurationRefresh"; -export type SystemManagementModeLevel = "notApplicable" | "level1" | "level2" | "level3" | "unknownFutureValue"; -export type UserExperienceAnalyticsAnomalyCorrelationGroupPrevalence = "high" | "medium" | "low" | "unknownFutureValue"; -export type UserExperienceAnalyticsAnomalyDeviceFeatureType = - | "manufacturer" - | "model" - | "osVersion" - | "application" - | "driver" - | "unknownFutureValue"; -export type UserExperienceAnalyticsAnomalySeverity = - | "high" - | "medium" - | "low" - | "informational" - | "other" - | "unknownFutureValue"; -export type UserExperienceAnalyticsAnomalyState = - | "new" - | "active" - | "disabled" - | "removed" - | "other" - | "unknownFutureValue"; -export type UserExperienceAnalyticsAnomalyType = - | "device" - | "application" - | "stopError" - | "driver" - | "other" - | "unknownFutureValue"; -export type UserExperienceAnalyticsDeviceStatus = "anomalous" | "affected" | "atRisk" | "unknownFutureValue"; -export type UserExperienceAnalyticsHealthState = - | "unknown" - | "insufficientData" - | "needsAttention" - | "meetingGoals" - | "unknownFutureValue"; -export type UserExperienceAnalyticsInsightSeverity = - | "none" - | "informational" - | "warning" - | "error" - | "unknownFutureValue"; -export type UserExperienceAnalyticsOperatingSystemRestartCategory = - | "unknown" - | "restartWithUpdate" - | "restartWithoutUpdate" - | "blueScreen" - | "shutdownWithUpdate" - | "shutdownWithoutUpdate" - | "longPowerButtonPress" - | "bootError" - | "update" - | "unknownFutureValue"; -export type UserExperienceAnalyticsSummarizedBy = - | "none" - | "model" - | "allRegressions" - | "modelRegression" - | "manufacturerRegression" - | "operatingSystemVersionRegression" - | "unknownFutureValue"; -export type WindowsDefenderProductStatus = - | "noStatus" - | "serviceNotRunning" - | "serviceStartedWithoutMalwareProtection" - | "pendingFullScanDueToThreatAction" - | "pendingRebootDueToThreatAction" - | "pendingManualStepsDueToThreatAction" - | "avSignaturesOutOfDate" - | "asSignaturesOutOfDate" - | "noQuickScanHappenedForSpecifiedPeriod" - | "noFullScanHappenedForSpecifiedPeriod" - | "systemInitiatedScanInProgress" - | "systemInitiatedCleanInProgress" - | "samplesPendingSubmission" - | "productRunningInEvaluationMode" - | "productRunningInNonGenuineMode" - | "productExpired" - | "offlineScanRequired" - | "serviceShutdownAsPartOfSystemShutdown" - | "threatRemediationFailedCritically" - | "threatRemediationFailedNonCritically" - | "noStatusFlagsSet" - | "platformOutOfDate" - | "platformUpdateInProgress" - | "platformAboutToBeOutdated" - | "signatureOrPlatformEndOfLifeIsPastOrIsImpending" - | "windowsSModeSignaturesInUseOnNonWin10SInstall"; -export type WindowsDeviceHealthState = - | "clean" - | "fullScanPending" - | "rebootPending" - | "manualStepsPending" - | "offlineScanPending" - | "critical"; -export type WindowsMalwareCategory = - | "invalid" - | "adware" - | "spyware" - | "passwordStealer" - | "trojanDownloader" - | "worm" - | "backdoor" - | "remoteAccessTrojan" - | "trojan" - | "emailFlooder" - | "keylogger" - | "dialer" - | "monitoringSoftware" - | "browserModifier" - | "cookie" - | "browserPlugin" - | "aolExploit" - | "nuker" - | "securityDisabler" - | "jokeProgram" - | "hostileActiveXControl" - | "softwareBundler" - | "stealthNotifier" - | "settingsModifier" - | "toolBar" - | "remoteControlSoftware" - | "trojanFtp" - | "potentialUnwantedSoftware" - | "icqExploit" - | "trojanTelnet" - | "exploit" - | "filesharingProgram" - | "malwareCreationTool" - | "remote_Control_Software" - | "tool" - | "trojanDenialOfService" - | "trojanDropper" - | "trojanMassMailer" - | "trojanMonitoringSoftware" - | "trojanProxyServer" - | "virus" - | "known" - | "unknown" - | "spp" - | "behavior" - | "vulnerability" - | "policy" - | "enterpriseUnwantedSoftware" - | "ransom" - | "hipsRule"; -export type WindowsMalwareExecutionState = "unknown" | "blocked" | "allowed" | "running" | "notRunning"; -export type WindowsMalwareSeverity = "unknown" | "low" | "moderate" | "high" | "severe"; -export type WindowsMalwareState = - | "unknown" - | "detected" - | "cleaned" - | "quarantined" - | "removed" - | "allowed" - | "blocked" - | "cleanFailed" - | "quarantineFailed" - | "removeFailed" - | "allowFailed" - | "abandoned" - | "blockFailed"; -export type WindowsMalwareThreatState = - | "active" - | "actionFailed" - | "manualStepsRequired" - | "fullScanRequired" - | "rebootRequired" - | "remediatedWithNonCriticalFailures" - | "quarantined" - | "removed" - | "cleaned" - | "allowed" - | "noStatusCleared"; -export type DeviceManagementDerivedCredentialIssuer = "intercede" | "entrustDatacard" | "purebred" | "xTec"; -export type DeviceManagementDerivedCredentialNotificationType = "none" | "companyPortal" | "email"; -export type DeviceManagementResourceAccessProfileIntent = "apply" | "remove"; -export type AppleUserInitiatedEnrollmentType = - | "unknown" - | "device" - | "user" - | "accountDrivenUserEnrollment" - | "webDeviceEnrollment" - | "unknownFutureValue"; -export type DepTokenType = "none" | "dep" | "appleSchoolManager"; -export type DiscoverySource = "unknown" | "adminImport" | "deviceEnrollmentProgram"; -export type EnrollmentState = "unknown" | "enrolled" | "pendingReset" | "failed" | "notContacted" | "blocked"; -export type ImportedDeviceIdentityType = "unknown" | "imei" | "serialNumber"; -export type ImportedWindowsAutopilotDeviceIdentityImportStatus = - | "unknown" - | "pending" - | "partial" - | "complete" - | "error"; -export type ImportedWindowsAutopilotDeviceIdentityUploadStatus = "noUpload" | "pending" | "complete" | "error"; -export type ITunesPairingMode = "disallow" | "allow" | "requiresCertificate"; -export type Platform = "unknown" | "ios" | "android" | "windows" | "windowsMobile" | "macOS"; -export type WindowsAutopilotDeviceRemediationState = - | "unknown" - | "noRemediationRequired" - | "automaticRemediationRequired" - | "manualRemediationRequired" - | "unknownFutureValue"; -export type WindowsAutopilotDeviceType = - | "windowsPc" - | "surfaceHub2" - | "holoLens" - | "surfaceHub2S" - | "virtualMachine" - | "unknownFutureValue"; -export type WindowsAutopilotProfileAssignmentDetailedStatus = - | "none" - | "hardwareRequirementsNotMet" - | "surfaceHubProfileNotSupported" - | "holoLensProfileNotSupported" - | "windowsPcProfileNotSupported" - | "surfaceHub2SProfileNotSupported" - | "unknownFutureValue"; -export type WindowsAutopilotProfileAssignmentStatus = - | "unknown" - | "assignedInSync" - | "assignedOutOfSync" - | "assignedUnkownSyncState" - | "notAssigned" - | "pending" - | "failed"; -export type WindowsAutopilotSyncStatus = "unknown" | "inProgress" | "completed" | "failed"; -export type WindowsAutopilotUserlessEnrollmentStatus = "unknown" | "allowed" | "blocked" | "unknownFutureValue"; -export type WindowsDeviceUsageType = "singleUser" | "shared"; -export type WindowsUserType = "administrator" | "standard"; -export type ElevationRequestState = "none" | "pending" | "approved" | "denied" | "expired" | "unknownFutureValue"; -export type ZebraFotaConnectorState = "none" | "connected" | "disconnected" | "unknownFutureValue"; -export type ZebraFotaDeploymentState = - | "pendingCreation" - | "createFailed" - | "created" - | "inProgress" - | "completed" - | "pendingCancel" - | "canceled" - | "unknownFutureValue"; -export type ZebraFotaErrorCode = - | "success" - | "noDevicesFoundInSelectedAadGroups" - | "noIntuneDevicesFoundInSelectedAadGroups" - | "noZebraFotaEnrolledDevicesFoundForCurrentTenant" - | "noZebraFotaEnrolledDevicesFoundInSelectedAadGroups" - | "noZebraFotaDevicesFoundForSelectedDeviceModel" - | "zebraFotaCreateDeploymentRequestFailure" - | "unknownFutureValue"; -export type ZebraFotaNetworkType = "any" | "wifi" | "cellular" | "wifiAndCellular" | "unknownFutureValue"; -export type ZebraFotaScheduleMode = "installNow" | "scheduled" | "unknownFutureValue"; -export type ZebraFotaUpdateType = "custom" | "latest" | "auto" | "unknownFutureValue"; -export type GroupPolicyMigrationReadiness = "none" | "partial" | "complete" | "error" | "notApplicable"; -export type GroupPolicySettingScope = "unknown" | "device" | "user"; -export type GroupPolicySettingType = - | "unknown" - | "policy" - | "account" - | "securityOptions" - | "userRightsAssignment" - | "auditSetting" - | "windowsFirewallSettings" - | "appLockerRuleCollection" - | "dataSourcesSettings" - | "devicesSettings" - | "driveMapSettings" - | "environmentVariables" - | "filesSettings" - | "folderOptions" - | "folders" - | "iniFiles" - | "internetOptions" - | "localUsersAndGroups" - | "networkOptions" - | "networkShares" - | "ntServices" - | "powerOptions" - | "printers" - | "regionalOptionsSettings" - | "registrySettings" - | "scheduledTasks" - | "shortcutSettings" - | "startMenuSettings"; -export type MdmSupportedState = "unknown" | "supported" | "unsupported" | "deprecated"; -export type GroupPolicyConfigurationIngestionType = "unknown" | "custom" | "builtIn" | "mixed" | "unknownFutureValue"; -export type GroupPolicyConfigurationType = "policy" | "preference"; -export type GroupPolicyDefinitionClassType = "user" | "machine"; -export type GroupPolicyOperationStatus = "unknown" | "inProgress" | "success" | "failed"; -export type GroupPolicyOperationType = - | "none" - | "upload" - | "uploadNewVersion" - | "addLanguageFiles" - | "removeLanguageFiles" - | "updateLanguageFiles" - | "remove"; -export type GroupPolicyType = "admxBacked" | "admxIngested"; -export type GroupPolicyUploadedDefinitionFileStatus = - | "none" - | "uploadInProgress" - | "available" - | "assigned" - | "removalInProgress" - | "uploadFailed" - | "removalFailed"; -export type IngestionSource = "unknown" | "custom" | "builtIn" | "unknownFutureValue"; -export type AndroidManagedAppSafetyNetAppsVerificationType = "none" | "enabled"; -export type AndroidManagedAppSafetyNetDeviceAttestationType = - | "none" - | "basicIntegrity" - | "basicIntegrityAndDeviceCertification"; -export type AndroidManagedAppSafetyNetEvaluationType = "basic" | "hardwareBacked"; -export type AppManagementLevel = - | "unspecified" - | "unmanaged" - | "mdm" - | "androidEnterprise" - | "androidEnterpriseDedicatedDevicesWithAzureAdSharedMode" - | "androidOpenSourceProjectUserAssociated" - | "androidOpenSourceProjectUserless" - | "unknownFutureValue"; -export type ManagedAppClipboardSharingLevel = "allApps" | "managedAppsWithPasteIn" | "managedApps" | "blocked"; -export type ManagedAppDataEncryptionType = - | "useDeviceSettings" - | "afterDeviceRestart" - | "whenDeviceLockedExceptOpenFiles" - | "whenDeviceLocked"; -export type ManagedAppDataIngestionLocation = "oneDriveForBusiness" | "sharePoint" | "camera" | "photoLibrary"; -export type ManagedAppDataStorageLocation = - | "oneDriveForBusiness" - | "sharePoint" - | "box" - | "localStorage" - | "photoLibrary"; -export type ManagedAppDataTransferLevel = "allApps" | "managedApps" | "none"; -export type ManagedAppDeviceThreatLevel = "notConfigured" | "secured" | "low" | "medium" | "high"; -export type ManagedAppFlaggedReason = - | "none" - | "rootedDevice" - | "androidBootloaderUnlocked" - | "androidFactoryRomModified"; -export type ManagedAppNotificationRestriction = "allow" | "blockOrganizationalData" | "block"; -export type ManagedAppPhoneNumberRedirectLevel = "allApps" | "managedApps" | "customApp" | "blocked"; -export type ManagedAppPinCharacterSet = "numeric" | "alphanumericAndSymbol"; -export type ManagedAppRemediationAction = "block" | "wipe" | "warn"; -export type ManagedBrowserType = "notConfigured" | "microsoftEdge"; -export type MessagingRedirectAppType = "anyApp" | "anyManagedApp" | "specificApps"; -export type MobileThreatDefensePartnerPriority = - | "defenderOverThirdPartyPartner" - | "thirdPartyPartnerOverDefender" - | "unknownFutureValue"; -export type TargetedManagedAppGroupType = "selectedPublicApps" | "allCoreMicrosoftApps" | "allMicrosoftApps" | "allApps"; -export type WindowsInformationProtectionEnforcementLevel = - | "noProtection" - | "encryptAndAuditOnly" - | "encryptAuditAndPrompt" - | "encryptAuditAndBlock"; -export type WindowsInformationProtectionPinCharacterRequirements = "notAllow" | "requireAtLeastOne" | "allow"; -export type WindowsManagedAppClipboardSharingLevel = "anyDestinationAnySource" | "none"; -export type WindowsManagedAppDataTransferLevel = "allApps" | "none"; -export type MicrosoftTunnelLogCollectionStatus = "pending" | "completed" | "failed" | "unknownFutureValue"; -export type MicrosoftTunnelServerHealthStatus = - | "unknown" - | "healthy" - | "unhealthy" - | "warning" - | "offline" - | "upgradeInProgress" - | "upgradeFailed" - | "unknownFutureValue"; -export type NotificationTemplateBrandingOptions = - | "none" - | "includeCompanyLogo" - | "includeCompanyName" - | "includeContactInformation" - | "includeCompanyPortalLink" - | "includeDeviceDetails" - | "unknownFutureValue"; -export type DeviceManagementDomainJoinConnectorState = "active" | "error" | "inactive"; -export type AppVulnerabilityTaskMitigationType = "unknown" | "update" | "uninstall" | "securityConfiguration"; -export type DeviceAppManagementTaskCategory = "unknown" | "advancedThreatProtection"; -export type DeviceAppManagementTaskPriority = "none" | "high" | "low"; -export type DeviceAppManagementTaskStatus = "unknown" | "pending" | "active" | "completed" | "rejected"; -export type EndpointSecurityConfigurationApplicablePlatform = - | "unknown" - | "macOS" - | "windows10AndLater" - | "windows10AndWindowsServer"; -export type EndpointSecurityConfigurationProfileType = - | "unknown" - | "antivirus" - | "windowsSecurity" - | "bitLocker" - | "fileVault" - | "firewall" - | "firewallRules" - | "endpointDetectionAndResponse" - | "deviceControl" - | "appAndBrowserIsolation" - | "exploitProtection" - | "webProtection" - | "applicationControl" - | "attackSurfaceReductionRules" - | "accountProtection"; -export type EndpointSecurityConfigurationType = - | "unknown" - | "antivirus" - | "diskEncryption" - | "firewall" - | "endpointDetectionAndResponse" - | "attackSurfaceReduction" - | "accountProtection"; -export type RoleAssignmentScopeType = "resourceScope" | "allDevices" | "allLicensedUsers" | "allDevicesAndLicensedUsers"; -export type RemoteAssistanceOnboardingStatus = "notOnboarded" | "onboarding" | "onboarded"; -export type RemoteAssistanceState = "disabled" | "enabled"; -export type DeviceManagementExportJobLocalizationType = "localizedValuesAsAdditionalColumn" | "replaceLocalizableValues"; -export type DeviceManagementReportFileFormat = "csv" | "pdf" | "json" | "unknownFutureValue"; -export type DeviceManagementReportStatus = "unknown" | "notStarted" | "inProgress" | "completed" | "failed"; -export type EmbeddedSIMDeviceStateValue = - | "notEvaluated" - | "failed" - | "installing" - | "installed" - | "deleting" - | "error" - | "deleted" - | "removedByUser"; -export type ConnectorHealthState = "healthy" | "warning" | "unhealthy" | "unknown"; -export type ConnectorName = - | "applePushNotificationServiceExpirationDateTime" - | "vppTokenExpirationDateTime" - | "vppTokenLastSyncDateTime" - | "windowsAutopilotLastSyncDateTime" - | "windowsStoreForBusinessLastSyncDateTime" - | "jamfLastSyncDateTime" - | "ndesConnectorLastConnectionDateTime" - | "appleDepExpirationDateTime" - | "appleDepLastSyncDateTime" - | "onPremConnectorLastSyncDateTime" - | "googlePlayAppLastSyncDateTime" - | "googlePlayConnectorLastModifiedDateTime" - | "windowsDefenderATPConnectorLastHeartbeatDateTime" - | "mobileThreatDefenceConnectorLastHeartbeatDateTime" - | "chromebookLastDirectorySyncDateTime" - | "futureValue"; -export type DeviceEnrollmentFailureReason = - | "unknown" - | "authentication" - | "authorization" - | "accountValidation" - | "userValidation" - | "deviceNotSupported" - | "inMaintenance" - | "badRequest" - | "featureNotSupported" - | "enrollmentRestrictionsEnforced" - | "clientDisconnected" - | "userAbandonment"; -export type DeviceManagementAutopilotPolicyComplianceStatus = - | "unknown" - | "compliant" - | "installed" - | "notCompliant" - | "notInstalled" - | "error"; -export type DeviceManagementAutopilotPolicyType = "unknown" | "application" | "appModel" | "configurationPolicy"; -export type MobileAppActionType = - | "unknown" - | "installCommandSent" - | "installed" - | "uninstalled" - | "userRequestedInstall"; -export type MobileAppIntent = - | "available" - | "notAvailable" - | "requiredInstall" - | "requiredUninstall" - | "requiredAndAvailableInstall" - | "availableInstallWithoutEnrollment" - | "exclude"; -export type WindowsAutopilotDeploymentState = - | "unknown" - | "success" - | "inProgress" - | "failure" - | "successWithTimeout" - | "notAttempted" - | "disabled" - | "successOnRetry"; -export type WindowsAutopilotEnrollmentType = - | "unknown" - | "azureADJoinedWithAutopilotProfile" - | "offlineDomainJoined" - | "azureADJoinedUsingDeviceAuthWithAutopilotProfile" - | "azureADJoinedUsingDeviceAuthWithoutAutopilotProfile" - | "azureADJoinedWithOfflineAutopilotProfile" - | "azureADJoinedWithWhiteGlove" - | "offlineDomainJoinedWithWhiteGlove" - | "offlineDomainJoinedWithOfflineAutopilotProfile"; -export type WindowsDefenderApplicationControlSupplementalPolicyStatuses = - | "unknown" - | "success" - | "tokenError" - | "notAuthorizedByToken" - | "policyNotFound"; -export type DriverApprovalAction = "approve" | "decline" | "suspend"; -export type DriverApprovalStatus = "needsReview" | "declined" | "approved" | "suspended"; -export type DriverCategory = "recommended" | "previouslyApproved" | "other"; -export type DriverUpdateProfileApprovalType = "manual" | "automatic"; -export type WindowsDriverUpdateProfileInventorySyncState = "pending" | "success" | "failure"; -export type WindowsQualityUpdateClassification = "all" | "security" | "nonSecurity"; -export type ApplicationType = "universal" | "desktop"; -export type UserPfxIntendedPurpose = "unassigned" | "smimeEncryption" | "smimeSigning" | "vpn" | "wifi"; -export type UserPfxPaddingScheme = "none" | "pkcs1" | "oaepSha1" | "oaepSha256" | "oaepSha384" | "oaepSha512"; -export type PostType = "regular" | "quick" | "strategic" | "unknownFutureValue"; -export type ServiceHealthClassificationType = "advisory" | "incident" | "unknownFutureValue"; -export type ServiceHealthOrigin = "microsoft" | "thirdParty" | "customer" | "unknownFutureValue"; -export type ServiceHealthStatus = - | "serviceOperational" - | "investigating" - | "restoringService" - | "verifyingService" - | "serviceRestored" - | "postIncidentReviewPublished" - | "serviceDegradation" - | "serviceInterruption" - | "extendedRecovery" - | "falsePositive" - | "investigationSuspended" - | "resolved" - | "mitigatedExternal" - | "mitigated" - | "resolvedExternal" - | "confirmed" - | "reported" - | "unknownFutureValue"; -export type ServiceUpdateCategory = "preventOrFixIssue" | "planForChange" | "stayInformed" | "unknownFutureValue"; -export type ServiceUpdateSeverity = "normal" | "high" | "critical" | "unknownFutureValue"; -export type DataCollectionStatus = "online" | "offline" | "unknownFutureValue"; -export type PermissionsModificationCapability = - | "enabled" - | "notConfigured" - | "noRecentDataCollected" - | "unknownFutureValue"; -export type AuthorizationSystemActionSeverity = "normal" | "high" | "unknownFutureValue"; -export type AuthorizationSystemActionType = "delete" | "read" | "unknownFutureValue"; -export type AwsPolicyType = "system" | "custom" | "unknownFutureValue"; -export type AwsRoleTrustEntityType = "none" | "service" | "sso" | "crossAccount" | "webIdentity" | "unknownFutureValue"; -export type AwsRoleType = "system" | "custom" | "unknownFutureValue"; -export type AzureRoleDefinitionType = "system" | "custom" | "unknownFutureValue"; -export type GcpRoleType = "system" | "custom" | "unknownFutureValue"; -export type AuthorizationSystemType = "azure" | "gcp" | "aws" | "unknownFutureValue"; -export type AwsAccessType = "public" | "restricted" | "crossAccount" | "private" | "unknownFutureValue"; -export type AwsSecretInformationWebServices = - | "secretsManager" - | "certificateAuthority" - | "cloudHsm" - | "certificateManager" - | "unknownFutureValue"; -export type AwsSecurityToolWebServices = - | "macie" - | "wafShield" - | "cloudTrail" - | "inspector" - | "securityHub" - | "detective" - | "guardDuty" - | "unknownFutureValue"; -export type AzureAccessType = "public" | "private" | "unknownFutureValue"; -export type AzureEncryption = "microsoftStorage" | "microsoftKeyVault" | "customer" | "unknownFutureValue"; -export type ExternalSystemAccessMethods = "direct" | "roleChaining" | "unknownFutureValue"; -export type GcpAccessType = "public" | "subjectToObjectAcls" | "private" | "unknownFutureValue"; -export type GcpEncryption = "google" | "customer" | "unknownFutureValue"; -export type IamStatus = "active" | "inactive" | "disabled" | "unknownFutureValue"; -export type AwsStatementEffect = "allow" | "deny" | "unknownFutureValue"; -export type PermissionsDefinitionIdentityType = - | "user" - | "role" - | "application" - | "managedIdentity" - | "serviceAccount" - | "unknownFutureValue"; -export type PermissionsRequestOccurrenceStatus = - | "grantingFailed" - | "granted" - | "granting" - | "revoked" - | "revoking" - | "revokingFailed" - | "unknownFutureValue"; -export type StatusDetail = "submitted" | "approved" | "completed" | "canceled" | "rejected" | "unknownFutureValue"; -export type BucketAggregationSortProperty = "count" | "keyAsString" | "keyAsNumber" | "unknownFutureValue"; -export type SearchAlterationType = "suggestion" | "modification" | "unknownFutureValue"; -export type SearchContent = "sharedContent" | "privateContent" | "unknownFutureValue"; -export type Priority = "None" | "High" | "Low"; -export type PlannerContainerType = "group" | "unknownFutureValue" | "roster" | "project" | "driveItem" | "user"; -export type PlannerContextState = "active" | "delinked" | "unknownFutureValue"; -export type PlannerCreationSourceKind = "none" | "external" | "publication" | "unknownFutureValue"; -export type PlannerExternalTaskSourceDisplayType = "none" | "default" | "unknownFutureValue"; -export type PlannerPlanAccessLevel = "readAccess" | "readWriteAccess" | "fullAccess" | "unknownFutureValue"; -export type PlannerPlanContextType = - | "teamsTab" - | "sharePointPage" - | "meetingNotes" - | "other" - | "unknownFutureValue" - | "loopPage" - | "project"; -export type PlannerPreviewType = "automatic" | "noPreview" | "checklist" | "description" | "reference"; -export type PlannerTaskCompletionRequirements = "none" | "checklistCompletion" | "unknownFutureValue"; -export type PlannerTaskTargetKind = "group" | "unknownFutureValue"; -export type OnenotePatchActionType = "Replace" | "Append" | "Delete" | "Insert" | "Prepend"; -export type OnenotePatchInsertPosition = "After" | "Before"; -export type OnenoteSourceService = "Unknown" | "OneDrive" | "OneDriveForBusiness" | "OnPremOneDriveForBusiness"; -export type OnenoteUserRole = "None" | "Owner" | "Contributor" | "Reader"; -export type OperationStatus = "NotStarted" | "Running" | "Completed" | "Failed"; -export type DelegatedAdminAccessAssignmentStatus = - | "pending" - | "active" - | "deleting" - | "deleted" - | "error" - | "unknownFutureValue"; -export type DelegatedAdminAccessContainerType = "securityGroup" | "unknownFutureValue"; -export type DelegatedAdminRelationshipOperationType = "delegatedAdminAccessAssignmentUpdate" | "unknownFutureValue"; -export type DelegatedAdminRelationshipRequestAction = - | "lockForApproval" - | "approve" - | "terminate" - | "unknownFutureValue" - | "reject"; -export type DelegatedAdminRelationshipRequestStatus = - | "created" - | "pending" - | "succeeded" - | "failed" - | "unknownFutureValue"; -export type DelegatedAdminRelationshipStatus = - | "activating" - | "active" - | "approvalPending" - | "approved" - | "created" - | "expired" - | "expiring" - | "terminated" - | "terminating" - | "terminationRequested" - | "unknownFutureValue"; -export type AllowedAudiences = - | "me" - | "family" - | "contacts" - | "groupMembers" - | "organization" - | "federatedOrganizations" - | "everyone" - | "unknownFutureValue"; -export type LanguageProficiencyLevel = - | "elementary" - | "conversational" - | "limitedWorking" - | "professionalWorking" - | "fullProfessional" - | "nativeOrBilingual" - | "unknownFutureValue"; -export type PersonAnnualEventType = "birthday" | "wedding" | "work" | "other" | "unknownFutureValue"; -export type PersonRelationship = - | "manager" - | "colleague" - | "directReport" - | "dotLineReport" - | "assistant" - | "dotLineManager" - | "alternateContact" - | "friend" - | "spouse" - | "sibling" - | "child" - | "parent" - | "sponsor" - | "emergencyContact" - | "other" - | "unknownFutureValue"; -export type SkillProficiencyLevel = - | "elementary" - | "limitedWorking" - | "generalProfessional" - | "advancedProfessional" - | "expert" - | "unknownFutureValue"; -export type TranslationBehavior = "Ask" | "Yes" | "No"; -export type AlertSeverity = "unknown" | "informational" | "low" | "medium" | "high" | "unknownFutureValue"; -export type AssignmentScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type AssignmentScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type AssignmentScheduleRequestFilterByCurrentUserOptions = - | "principal" - | "createdBy" - | "approver" - | "unknownFutureValue"; -export type EligibilityScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type EligibilityScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type EligibilityScheduleRequestFilterByCurrentUserOptions = - | "principal" - | "createdBy" - | "approver" - | "unknownFutureValue"; -export type PrivilegedAccessGroupAssignmentType = "assigned" | "activated" | "unknownFutureValue"; -export type PrivilegedAccessGroupMemberType = "direct" | "group" | "unknownFutureValue"; -export type PrivilegedAccessGroupRelationships = "owner" | "member" | "unknownFutureValue"; -export type RoleAssignmentScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type RoleAssignmentScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type RoleAssignmentScheduleRequestFilterByCurrentUserOptions = - | "principal" - | "createdBy" - | "approver" - | "unknownFutureValue"; -export type RoleEligibilityScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type RoleEligibilityScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; -export type RoleEligibilityScheduleRequestFilterByCurrentUserOptions = - | "principal" - | "createdBy" - | "approver" - | "unknownFutureValue"; -export type ScheduleRequestActions = - | "adminAssign" - | "adminUpdate" - | "adminRemove" - | "selfActivate" - | "selfDeactivate" - | "adminExtend" - | "adminRenew" - | "selfExtend" - | "selfRenew" - | "unknownFutureValue"; -export type ApprovalState = "pending" | "approved" | "denied" | "aborted" | "canceled"; -export type RoleSummaryStatus = "ok" | "bad"; -export type SetupStatus = - | "unknown" - | "notRegisteredYet" - | "registeredSetupNotStarted" - | "registeredSetupInProgress" - | "registrationAndSetupCompleted" - | "registrationFailed" - | "registrationTimedOut" - | "disabled"; export type PrintColorConfiguration = "blackAndWhite" | "grayscale" | "color" | "auto"; export type PrintColorMode = "blackAndWhite" | "grayscale" | "color" | "auto" | "unknownFutureValue"; export type PrintDuplexConfiguration = "twoSidedLongEdge" | "twoSidedShortEdge" | "oneSided"; @@ -5144,224 +4247,818 @@ export type PrinterProcessingStateReason = | "fuserOverTemp" | "fuserUnderTemp" | "other" - | "none" - | "movingToPaused" - | "shutdown" - | "connectingToDevice" - | "timedOut" - | "stopping" - | "stoppedPartially" - | "tonerLow" - | "tonerEmpty" - | "spoolAreaFull" - | "doorOpen" - | "opticalPhotoConductorNearEndOfLife" - | "opticalPhotoConductorLifeOver" - | "developerLow" - | "developerEmpty" - | "interpreterResourceUnavailable" + | "none" + | "movingToPaused" + | "shutdown" + | "connectingToDevice" + | "timedOut" + | "stopping" + | "stoppedPartially" + | "tonerLow" + | "tonerEmpty" + | "spoolAreaFull" + | "doorOpen" + | "opticalPhotoConductorNearEndOfLife" + | "opticalPhotoConductorLifeOver" + | "developerLow" + | "developerEmpty" + | "interpreterResourceUnavailable" + | "unknownFutureValue"; +export type PrintEvent = "jobStarted" | "unknownFutureValue"; +export type PrintFinishing = + | "none" + | "staple" + | "punch" + | "cover" + | "bind" + | "saddleStitch" + | "stitchEdge" + | "stapleTopLeft" + | "stapleBottomLeft" + | "stapleTopRight" + | "stapleBottomRight" + | "stitchLeftEdge" + | "stitchTopEdge" + | "stitchRightEdge" + | "stitchBottomEdge" + | "stapleDualLeft" + | "stapleDualTop" + | "stapleDualRight" + | "stapleDualBottom" + | "unknownFutureValue"; +export type PrintJobProcessingState = + | "unknown" + | "pending" + | "processing" + | "paused" + | "stopped" + | "completed" + | "canceled" + | "aborted" + | "unknownFutureValue"; +export type PrintJobStateDetail = + | "uploadPending" + | "transforming" + | "completedSuccessfully" + | "completedWithWarnings" + | "completedWithErrors" + | "releaseWait" + | "interpreting" + | "unknownFutureValue"; +export type PrintMediaType = + | "stationery" + | "transparency" + | "envelope" + | "envelopePlain" + | "continuous" + | "screen" + | "screenPaged" + | "continuousLong" + | "continuousShort" + | "envelopeWindow" + | "multiPartForm" + | "multiLayer" + | "labels"; +export type PrintMultipageLayout = + | "clockwiseFromTopLeft" + | "counterclockwiseFromTopLeft" + | "counterclockwiseFromTopRight" + | "clockwiseFromTopRight" + | "counterclockwiseFromBottomLeft" + | "clockwiseFromBottomLeft" + | "counterclockwiseFromBottomRight" + | "clockwiseFromBottomRight" + | "unknownFutureValue"; +export type PrintOperationProcessingState = "notStarted" | "running" | "succeeded" | "failed" | "unknownFutureValue"; +export type PrintOrientation = "portrait" | "landscape" | "reverseLandscape" | "reversePortrait" | "unknownFutureValue"; +export type PrintPresentationDirection = + | "clockwiseFromTopLeft" + | "counterClockwiseFromTopLeft" + | "counterClockwiseFromTopRight" + | "clockwiseFromTopRight" + | "counterClockwiseFromBottomLeft" + | "clockwiseFromBottomLeft" + | "counterClockwiseFromBottomRight" + | "clockwiseFromBottomRight"; +export type PrintQuality = "low" | "medium" | "high" | "unknownFutureValue"; +export type PrintScaling = "auto" | "shrinkToFit" | "fill" | "fit" | "none" | "unknownFutureValue"; +export type PrintTaskProcessingState = "pending" | "processing" | "completed" | "aborted" | "unknownFutureValue"; +export type Priority = "None" | "High" | "Low"; +export type PrivateNetworkDestinationType = + | "ipAddress" + | "ipRange" + | "ipRangeCidr" + | "fqdn" + | "dnsSuffix" + | "unknownFutureValue"; +export type PrivateNetworkProtocol = "tcp" | "udp" | "unknownFutureValue"; +export type PrivilegedAccessGroupAssignmentType = "assigned" | "activated" | "unknownFutureValue"; +export type PrivilegedAccessGroupMemberType = "direct" | "group" | "unknownFutureValue"; +export type PrivilegedAccessGroupRelationships = "owner" | "member" | "unknownFutureValue"; +export type PrivilegeManagementElevationType = + | "undetermined" + | "unmanagedElevation" + | "zeroTouchElevation" + | "userConfirmedElevation" + | "supportApprovedElevation" + | "unknownFutureValue"; +export type PrivilegeManagementEndUserType = "undetermined" | "azureAd" | "hybrid" | "local" | "unknownFutureValue"; +export type PrivilegeManagementProcessType = "undefined" | "parent" | "child" | "unknownFutureValue"; +export type ProcessIntegrityLevel = + | "unknown" + | "untrusted" + | "low" + | "medium" + | "high" + | "system" + | "unknownFutureValue"; +export type PromptLoginBehavior = + | "translateToFreshPasswordAuthentication" + | "nativeSupport" + | "disabled" + | "unknownFutureValue"; +export type PropertyType = + | "string" + | "int64" + | "double" + | "dateTime" + | "boolean" + | "stringCollection" + | "int64Collection" + | "doubleCollection" + | "dateTimeCollection"; +export type ProtocolType = + | "none" + | "oAuth2" + | "ropc" + | "wsFederation" + | "saml20" + | "deviceCode" + | "unknownFutureValue" + | "authenticationTransfer"; +export type ProvisioningAction = + | "other" + | "create" + | "delete" + | "disable" + | "update" + | "stagedDelete" + | "unknownFutureValue"; +export type ProvisioningResult = "success" | "failure" | "skipped" | "warning" | "unknownFutureValue"; +export type ProvisioningStatusErrorCategory = "failure" | "nonServiceFailure" | "success" | "unknownFutureValue"; +export type ProvisioningStepType = + | "import" + | "scoping" + | "matching" + | "processing" + | "referenceResolution" + | "export" + | "unknownFutureValue"; +export type QuarantineReason = + | "EncounteredBaseEscrowThreshold" + | "EncounteredTotalEscrowThreshold" + | "EncounteredEscrowProportionThreshold" + | "EncounteredQuarantineException" + | "Unknown" + | "QuarantinedOnDemand" + | "TooManyDeletes" + | "IngestionInterrupted"; +export type RatingAppsType = "allAllowed" | "allBlocked" | "agesAbove4" | "agesAbove9" | "agesAbove12" | "agesAbove17"; +export type RatingAustraliaMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "parentalGuidance" + | "mature" + | "agesAbove15" + | "agesAbove18"; +export type RatingAustraliaTelevisionType = + | "allAllowed" + | "allBlocked" + | "preschoolers" + | "children" + | "general" + | "parentalGuidance" + | "mature" + | "agesAbove15" + | "agesAbove15AdultViolence"; +export type RatingCanadaMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "parentalGuidance" + | "agesAbove14" + | "agesAbove18" + | "restricted"; +export type RatingCanadaTelevisionType = + | "allAllowed" + | "allBlocked" + | "children" + | "childrenAbove8" + | "general" + | "parentalGuidance" + | "agesAbove14" + | "agesAbove18"; +export type RatingFranceMoviesType = + | "allAllowed" + | "allBlocked" + | "agesAbove10" + | "agesAbove12" + | "agesAbove16" + | "agesAbove18"; +export type RatingFranceTelevisionType = + | "allAllowed" + | "allBlocked" + | "agesAbove10" + | "agesAbove12" + | "agesAbove16" + | "agesAbove18"; +export type RatingGermanyMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "agesAbove6" + | "agesAbove12" + | "agesAbove16" + | "adults"; +export type RatingGermanyTelevisionType = + | "allAllowed" + | "allBlocked" + | "general" + | "agesAbove6" + | "agesAbove12" + | "agesAbove16" + | "adults"; +export type RatingIrelandMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "parentalGuidance" + | "agesAbove12" + | "agesAbove15" + | "agesAbove16" + | "adults"; +export type RatingIrelandTelevisionType = + | "allAllowed" + | "allBlocked" + | "general" + | "children" + | "youngAdults" + | "parentalSupervision" + | "mature"; +export type RatingJapanMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "parentalGuidance" + | "agesAbove15" + | "agesAbove18"; +export type RatingJapanTelevisionType = "allAllowed" | "allBlocked" | "explicitAllowed"; +export type RatingNewZealandMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "parentalGuidance" + | "mature" + | "agesAbove13" + | "agesAbove15" + | "agesAbove16" + | "agesAbove18" + | "restricted" + | "agesAbove16Restricted"; +export type RatingNewZealandTelevisionType = "allAllowed" | "allBlocked" | "general" | "parentalGuidance" | "adults"; +export type RatingUnitedKingdomMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "universalChildren" + | "parentalGuidance" + | "agesAbove12Video" + | "agesAbove12Cinema" + | "agesAbove15" + | "adults"; +export type RatingUnitedKingdomTelevisionType = "allAllowed" | "allBlocked" | "caution"; +export type RatingUnitedStatesMoviesType = + | "allAllowed" + | "allBlocked" + | "general" + | "parentalGuidance" + | "parentalGuidance13" + | "restricted" + | "adults"; +export type RatingUnitedStatesTelevisionType = + | "allAllowed" + | "allBlocked" + | "childrenAll" + | "childrenAbove7" + | "general" + | "parentalGuidance" + | "childrenAbove14" + | "adults"; +export type RecipientScopeType = "none" | "internal" | "external" | "externalPartner" | "externalNonPartner"; +export type RecommendationCategory = "identityBestPractice" | "identitySecureScore" | "unknownFutureValue"; +export type RecommendationFeatureAreas = + | "users" + | "groups" + | "devices" + | "applications" + | "accessReviews" + | "conditionalAccess" + | "governance" + | "unknownFutureValue"; +export type RecommendationPriority = "low" | "medium" | "high"; +export type RecommendationStatus = + | "active" + | "completedBySystem" + | "completedByUser" + | "dismissed" + | "postponed" + | "unknownFutureValue"; +export type RecommendationType = + | "adfsAppsMigration" + | "enableDesktopSSO" + | "enablePHS" + | "enableProvisioning" + | "switchFromPerUserMFA" + | "tenantMFA" + | "thirdPartyApps" + | "turnOffPerUserMFA" + | "useAuthenticatorApp" + | "useMyApps" + | "staleApps" + | "staleAppCreds" + | "applicationCredentialExpiry" + | "servicePrincipalKeyExpiry" + | "adminMFAV2" + | "blockLegacyAuthentication" + | "integratedApps" + | "mfaRegistrationV2" + | "pwagePolicyNew" + | "passwordHashSync" + | "oneAdmin" + | "roleOverlap" + | "selfServicePasswordReset" + | "signinRiskPolicy" + | "userRiskPolicy" + | "verifyAppPublisher" + | "privateLinkForAAD" + | "appRoleAssignmentsGroups" + | "appRoleAssignmentsUsers" + | "managedIdentity" + | "overprivilegedApps" + | "unknownFutureValue" + | "longLivedCredentials" + | "aadConnectDeprecated" + | "adalToMsalMigration" + | "ownerlessApps" + | "inactiveGuests" + | "aadGraphDeprecationApplication" + | "aadGraphDeprecationServicePrincipal" + | "mfaServerDeprecation"; +export type RecordCompletionReason = + | "operationCanceled" + | "stopToneDetected" + | "maxRecordDurationReached" + | "initialSilenceTimeout" + | "maxSilenceTimeout" + | "playPromptFailed" + | "playBeepFailed" + | "mediaReceiveTimeout" + | "unspecifiedError"; +export type RecordingStatus = "unknown" | "notRecording" | "recording" | "failed" | "unknownFutureValue"; +export type RecurrencePatternType = + | "daily" + | "weekly" + | "absoluteMonthly" + | "relativeMonthly" + | "absoluteYearly" + | "relativeYearly"; +export type RecurrenceRangeType = "endDate" | "noEnd" | "numbered"; +export type ReferenceAttachmentPermission = + | "other" + | "view" + | "edit" + | "anonymousView" + | "anonymousEdit" + | "organizationView" + | "organizationEdit"; +export type ReferenceAttachmentProvider = "other" | "oneDriveBusiness" | "oneDriveConsumer" | "dropbox"; +export type RegistrationAuthMethod = + | "email" + | "mobilePhone" + | "officePhone" + | "securityQuestion" + | "appNotification" + | "appCode" + | "alternateMobilePhone" + | "fido" + | "appPassword" | "unknownFutureValue"; -export type PrintEvent = "jobStarted" | "unknownFutureValue"; -export type PrintFinishing = +export type RegistrationStatusType = "registered" | "enabled" | "capable" | "mfaRegistered" | "unknownFutureValue"; +export type RegistryHive = + | "unknown" + | "currentConfig" + | "currentUser" + | "localMachineSam" + | "localMachineSecurity" + | "localMachineSoftware" + | "localMachineSystem" + | "usersDefault" + | "unknownFutureValue"; +export type RegistryOperation = "unknown" | "create" | "modify" | "delete" | "unknownFutureValue"; +export type RegistryValueType = + | "unknown" + | "binary" + | "dword" + | "dwordLittleEndian" + | "dwordBigEndian" + | "expandSz" + | "link" + | "multiSz" | "none" - | "staple" - | "punch" - | "cover" - | "bind" - | "saddleStitch" - | "stitchEdge" - | "stapleTopLeft" - | "stapleBottomLeft" - | "stapleTopRight" - | "stapleBottomRight" - | "stitchLeftEdge" - | "stitchTopEdge" - | "stitchRightEdge" - | "stitchBottomEdge" - | "stapleDualLeft" - | "stapleDualTop" - | "stapleDualRight" - | "stapleDualBottom" + | "qword" + | "qwordlittleEndian" + | "sz" | "unknownFutureValue"; -export type PrintJobProcessingState = +export type RejectReason = "none" | "busy" | "forbidden" | "unknownFutureValue"; +export type ReleaseType = "preview" | "generallyAvailable" | "unknownFutureValue"; +export type RemediationState = | "unknown" - | "pending" - | "processing" - | "paused" - | "stopped" - | "completed" - | "canceled" - | "aborted" + | "skipped" + | "success" + | "remediationFailed" + | "scriptError" | "unknownFutureValue"; -export type PrintJobStateDetail = - | "uploadPending" - | "transforming" - | "completedSuccessfully" - | "completedWithWarnings" - | "completedWithErrors" - | "releaseWait" - | "interpreting" +export type RemindBeforeTimeInMinutesType = "mins15" | "unknownFutureValue"; +export type RemoteAction = + | "unknown" + | "factoryReset" + | "removeCompanyData" + | "resetPasscode" + | "remoteLock" + | "enableLostMode" + | "disableLostMode" + | "locateDevice" + | "rebootNow" + | "recoverPasscode" + | "cleanWindowsDevice" + | "logoutSharedAppleDeviceActiveUser" + | "quickScan" + | "fullScan" + | "windowsDefenderUpdateSignatures" + | "factoryResetKeepEnrollmentData" + | "updateDeviceAccount" + | "automaticRedeployment" + | "shutDown" + | "rotateBitLockerKeys" + | "rotateFileVaultKey" + | "getFileVaultKey" + | "setDeviceName" + | "activateDeviceEsim" + | "deprovision" + | "disable" + | "reenable" + | "moveDeviceToOrganizationalUnit" + | "initiateMobileDeviceManagementKeyRecovery" + | "initiateOnDemandProactiveRemediation" + | "rotateLocalAdminPassword" + | "unknownFutureValue" + | "launchRemoteHelp" + | "revokeAppleVppLicenses" + | "removeDeviceFirmwareConfigurationInterfaceManagement" + | "pauseConfigurationRefresh" + | "initiateDeviceAttestation" + | "changeAssignments"; +export type RemoteAssistanceOnboardingStatus = "notOnboarded" | "onboarding" | "onboarded"; +export type RemoteAssistanceState = "disabled" | "enabled"; +export type ReplyRestriction = "everyone" | "authorAndModerators" | "unknownFutureValue"; +export type RequiredPasswordType = "deviceDefault" | "alphanumeric" | "numeric"; +export type RequirementProvider = + | "user" + | "request" + | "servicePrincipal" + | "v1ConditionalAccess" + | "multiConditionalAccess" + | "tenantSessionRiskPolicy" + | "accountCompromisePolicies" + | "v1ConditionalAccessDependency" + | "v1ConditionalAccessPolicyIdRequested" + | "mfaRegistrationRequiredByIdentityProtectionPolicy" + | "baselineProtection" + | "mfaRegistrationRequiredByBaselineProtection" + | "mfaRegistrationRequiredByMultiConditionalAccess" + | "enforcedForCspAdmins" + | "securityDefaults" + | "mfaRegistrationRequiredBySecurityDefaults" + | "proofUpCodeRequest" + | "crossTenantOutboundRule" + | "gpsLocationCondition" + | "riskBasedPolicy" | "unknownFutureValue"; -export type PrintMediaType = - | "stationery" - | "transparency" - | "envelope" - | "envelopePlain" - | "continuous" - | "screen" - | "screenPaged" - | "continuousLong" - | "continuousShort" - | "envelopeWindow" - | "multiPartForm" - | "multiLayer" - | "labels"; -export type PrintMultipageLayout = - | "clockwiseFromTopLeft" - | "counterclockwiseFromTopLeft" - | "counterclockwiseFromTopRight" - | "clockwiseFromTopRight" - | "counterclockwiseFromBottomLeft" - | "clockwiseFromBottomLeft" - | "counterclockwiseFromBottomRight" - | "clockwiseFromBottomRight" +export type ResourceScopeType = "group" | "chat" | "tenant" | "unknownFutureValue" | "team"; +export type ResponseType = "none" | "organizer" | "tentativelyAccepted" | "accepted" | "declined" | "notResponded"; +export type RestoreTimeRange = "before" | "after" | "beforeOrAfter" | "unknownFutureValue"; +export type RestrictedAppsState = "prohibitedApps" | "notApprovedApps"; +export type RestrictionAction = "warn" | "audit" | "block"; +export type RestrictionTrigger = + | "copyPaste" + | "copyToNetworkShare" + | "copyToRemovableMedia" + | "screenCapture" + | "print" + | "cloudEgress" + | "unallowedApps"; +export type ResultantAppState = + | "notApplicable" + | "installed" + | "failed" + | "notInstalled" + | "uninstallFailed" + | "pendingInstall" + | "unknown"; +export type ResultantAppStateDetail = + | "processorArchitectureNotApplicable" + | "minimumDiskSpaceNotMet" + | "minimumOsVersionNotMet" + | "minimumPhysicalMemoryNotMet" + | "minimumLogicalProcessorCountNotMet" + | "minimumCpuSpeedNotMet" + | "platformNotApplicable" + | "fileSystemRequirementNotMet" + | "registryRequirementNotMet" + | "powerShellScriptRequirementNotMet" + | "supersedingAppsNotApplicable" + | "noAdditionalDetails" + | "dependencyFailedToInstall" + | "dependencyWithRequirementsNotMet" + | "dependencyPendingReboot" + | "dependencyWithAutoInstallDisabled" + | "supersededAppUninstallFailed" + | "supersededAppUninstallPendingReboot" + | "removingSupersededApps" + | "iosAppStoreUpdateFailedToInstall" + | "vppAppHasUpdateAvailable" + | "userRejectedUpdate" + | "uninstallPendingReboot" + | "supersedingAppsDetected" + | "supersededAppsDetected" + | "seeInstallErrorCode" + | "autoInstallDisabled" + | "managedAppNoLongerPresent" + | "userRejectedInstall" + | "userIsNotLoggedIntoAppStore" + | "untargetedSupersedingAppsDetected" + | "appRemovedBySupersedence" + | "seeUninstallErrorCode" + | "pendingReboot" + | "installingDependencies" + | "contentDownloaded"; +export type RiskDetail = + | "none" + | "adminGeneratedTemporaryPassword" + | "userPerformedSecuredPasswordChange" + | "userPerformedSecuredPasswordReset" + | "adminConfirmedSigninSafe" + | "aiConfirmedSigninSafe" + | "userPassedMFADrivenByRiskBasedPolicy" + | "adminDismissedAllRiskForUser" + | "adminConfirmedSigninCompromised" + | "hidden" + | "adminConfirmedUserCompromised" + | "unknownFutureValue" + | "adminConfirmedServicePrincipalCompromised" + | "adminDismissedAllRiskForServicePrincipal" + | "m365DAdminDismissedDetection" + | "userChangedPasswordOnPremises" + | "adminDismissedRiskForSignIn" + | "adminConfirmedAccountSafe"; +export type RiskDetectionTimingType = "notDefined" | "realtime" | "nearRealtime" | "offline" | "unknownFutureValue"; +export type RiskEventType = + | "unlikelyTravel" + | "anonymizedIPAddress" + | "maliciousIPAddress" + | "unfamiliarFeatures" + | "malwareInfectedIPAddress" + | "suspiciousIPAddress" + | "leakedCredentials" + | "investigationsThreatIntelligence" + | "generic" + | "adminConfirmedUserCompromised" + | "mcasImpossibleTravel" + | "mcasSuspiciousInboxManipulationRules" + | "investigationsThreatIntelligenceSigninLinked" + | "maliciousIPAddressValidCredentialsBlockedIP" + | "unknownFutureValue"; +export type RiskLevel = "low" | "medium" | "high" | "hidden" | "none" | "unknownFutureValue"; +export type RiskState = + | "none" + | "confirmedSafe" + | "remediated" + | "dismissed" + | "atRisk" + | "confirmedCompromised" + | "unknownFutureValue"; +export type RoleAssignmentScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type RoleAssignmentScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type RoleAssignmentScheduleRequestFilterByCurrentUserOptions = + | "principal" + | "createdBy" + | "approver" + | "unknownFutureValue"; +export type RoleAssignmentScopeType = "resourceScope" | "allDevices" | "allLicensedUsers" | "allDevicesAndLicensedUsers"; +export type RoleEligibilityScheduleFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type RoleEligibilityScheduleInstanceFilterByCurrentUserOptions = "principal" | "unknownFutureValue"; +export type RoleEligibilityScheduleRequestFilterByCurrentUserOptions = + | "principal" + | "createdBy" + | "approver" + | "unknownFutureValue"; +export type RoleSummaryStatus = "ok" | "bad"; +export type RootDomains = + | "none" + | "all" + | "allFederated" + | "allManaged" + | "enumerated" + | "allManagedAndEnumeratedFederated" + | "unknownFutureValue"; +export type RoutingMode = "oneToOne" | "multicast"; +export type RoutingPolicy = + | "none" + | "noMissedCall" + | "disableForwardingExceptPhone" + | "disableForwarding" + | "preferSkypeForBusiness" | "unknownFutureValue"; -export type PrintOperationProcessingState = "notStarted" | "running" | "succeeded" | "failed" | "unknownFutureValue"; -export type PrintOrientation = "portrait" | "landscape" | "reverseLandscape" | "reversePortrait" | "unknownFutureValue"; -export type PrintPresentationDirection = - | "clockwiseFromTopLeft" - | "counterClockwiseFromTopLeft" - | "counterClockwiseFromTopRight" - | "clockwiseFromTopRight" - | "counterClockwiseFromBottomLeft" - | "clockwiseFromBottomLeft" - | "counterClockwiseFromBottomRight" - | "clockwiseFromBottomRight"; -export type PrintQuality = "low" | "medium" | "high" | "unknownFutureValue"; -export type PrintScaling = "auto" | "shrinkToFit" | "fill" | "fit" | "none" | "unknownFutureValue"; -export type PrintTaskProcessingState = "pending" | "processing" | "completed" | "aborted" | "unknownFutureValue"; -export type Status = "active" | "updated" | "deleted" | "ignored" | "unknownFutureValue"; -export type DataPolicyOperationStatus = "notStarted" | "running" | "complete" | "failed" | "unknownFutureValue"; -export type AccountTargetContentType = "unknown" | "includeAll" | "addressBook" | "unknownFutureValue"; -export type AttackSimulationOperationType = "createSimualation" | "updateSimulation" | "unknownFutureValue"; -export type CoachmarkLocationType = - | "unknown" - | "fromEmail" - | "subject" - | "externalTag" - | "displayName" - | "messageBody" +export type RoutingType = "forwarded" | "lookup" | "selfFork" | "unknownFutureValue"; +export type RuleMode = "audit" | "auditAndNotify" | "enforce" | "pendingDeletion" | "test"; +export type RunAsAccountType = "system" | "user"; +export type RunState = "unknown" | "success" | "fail" | "scriptError" | "pending" | "notApplicable"; +export type SafeSearchFilterType = "userDefined" | "strict" | "moderate"; +export type ScheduleChangeRequestActor = "sender" | "recipient" | "manager" | "system" | "unknownFutureValue"; +export type ScheduleChangeState = "pending" | "approved" | "declined" | "unknownFutureValue"; +export type ScheduledPermissionsRequestFilterByCurrentUserOptions = + | "principal" + | "createdBy" + | "approver" | "unknownFutureValue"; -export type EndUserNotificationPreference = "unknown" | "microsoft" | "custom" | "unknownFutureValue"; -export type EndUserNotificationSettingType = - | "unknown" - | "noTraining" - | "trainingSelected" - | "noNotification" +export type ScheduledRetireState = "cancelRetire" | "confirmRetire" | "unknownFutureValue"; +export type ScheduleEntityTheme = + | "white" + | "blue" + | "green" + | "purple" + | "pink" + | "yellow" + | "gray" + | "darkBlue" + | "darkGreen" + | "darkPurple" + | "darkPink" + | "darkYellow" | "unknownFutureValue"; -export type EndUserNotificationType = - | "unknown" - | "positiveReinforcement" - | "noTraining" - | "trainingAssignment" - | "trainingReminder" +export type ScheduleRequestActions = + | "adminAssign" + | "adminUpdate" + | "adminRemove" + | "selfActivate" + | "selfDeactivate" + | "adminExtend" + | "adminRenew" + | "selfExtend" + | "selfRenew" | "unknownFutureValue"; -export type NotificationDeliveryFrequency = "unknown" | "weekly" | "biWeekly" | "unknownFutureValue"; -export type NotificationDeliveryPreference = +export type ScopeOperatorMultiValuedComparisonType = "All" | "Any"; +export type ScopeOperatorType = "Binary" | "Unary"; +export type ScreenSharingRole = "viewer" | "sharer"; +export type SearchAlterationType = "suggestion" | "modification" | "unknownFutureValue"; +export type SearchContent = "sharedContent" | "privateContent" | "unknownFutureValue"; +export type SectionEmphasisType = "none" | "neutral" | "soft" | "strong" | "unknownFutureValue"; +export type SecureAssessmentAccountType = "azureADAccount" | "domainAccount" | "localAccount" | "localGuestAccount"; +export type SecureBootWithDMAType = "notConfigured" | "withoutDMA" | "withDMA"; +export type SecurityBaselineComplianceState = | "unknown" - | "deliverImmedietly" - | "deliverAfterCampaignEnd" - | "unknownFutureValue"; -export type OAuthAppScope = + | "secure" + | "notApplicable" + | "notSecure" + | "error" + | "conflict"; +export type SecurityBaselinePolicySourceType = "deviceConfiguration" | "deviceIntent"; +export type SecurityNetworkProtocol = | "unknown" - | "readCalendar" - | "readContact" - | "readMail" - | "readAllChat" - | "readAllFile" - | "readAndWriteMail" - | "sendMail" + | "ip" + | "icmp" + | "igmp" + | "ggp" + | "ipv4" + | "tcp" + | "pup" + | "udp" + | "idp" + | "ipv6" + | "ipv6RoutingHeader" + | "ipv6FragmentHeader" + | "ipSecEncapsulatingSecurityPayload" + | "ipSecAuthenticationHeader" + | "icmpV6" + | "ipv6NoNextHeader" + | "ipv6DestinationOptions" + | "nd" + | "raw" + | "ipx" + | "spx" + | "spxII" | "unknownFutureValue"; -export type PayloadBrand = +export type SecurityQuestionType = "predefined" | "custom"; +export type SecurityResourceType = "unknown" | "attacked" | "related" | "unknownFutureValue"; +export type SendDtmfCompletionReason = | "unknown" - | "other" - | "americanExpress" - | "capitalOne" - | "dhl" - | "docuSign" - | "dropbox" - | "facebook" - | "firstAmerican" - | "microsoft" - | "netflix" - | "scotiabank" - | "sendGrid" - | "stewartTitle" - | "tesco" - | "wellsFargo" - | "syrinxCloud" - | "adobe" - | "teams" - | "zoom" + | "completedSuccessfully" + | "mediaOperationCanceled" | "unknownFutureValue"; -export type PayloadComplexity = "unknown" | "low" | "medium" | "high" | "unknownFutureValue"; -export type PayloadDeliveryPlatform = "unknown" | "sms" | "email" | "teams" | "unknownFutureValue"; -export type PayloadIndustry = - | "unknown" - | "other" - | "banking" - | "businessServices" - | "consumerServices" - | "education" - | "energy" - | "construction" - | "consulting" - | "financialServices" - | "government" - | "hospitality" - | "insurance" - | "legal" - | "courierServices" - | "IT" - | "healthcare" - | "manufacturing" - | "retail" - | "telecom" - | "realEstate" +export type SensitiveTypeScope = "fullDocument" | "partialDocument"; +export type SensitiveTypeSource = "outOfBox" | "tenant"; +export type Sensitivity = "normal" | "personal" | "private" | "confidential"; +export type SensitivityLabelAssignmentMethod = "standard" | "privileged" | "auto" | "unknownFutureValue"; +export type SensitivityLabelTarget = "email" | "site" | "unifiedGroup" | "teamwork" | "unknownFutureValue"; +export type ServiceHealthClassificationType = "advisory" | "incident" | "unknownFutureValue"; +export type ServiceHealthOrigin = "microsoft" | "thirdParty" | "customer" | "unknownFutureValue"; +export type ServiceHealthStatus = + | "serviceOperational" + | "investigating" + | "restoringService" + | "verifyingService" + | "serviceRestored" + | "postIncidentReviewPublished" + | "serviceDegradation" + | "serviceInterruption" + | "extendedRecovery" + | "falsePositive" + | "investigationSuspended" + | "resolved" + | "mitigatedExternal" + | "mitigated" + | "resolvedExternal" + | "confirmed" + | "reported" | "unknownFutureValue"; -export type PayloadTheme = +export type ServiceNowConnectionStatus = "disabled" | "enabled" | "unknownFutureValue"; +export type ServiceStartType = "manual" | "automatic" | "disabled"; +export type ServiceUpdateCategory = "preventOrFixIssue" | "planForChange" | "stayInformed" | "unknownFutureValue"; +export type ServiceUpdateSeverity = "normal" | "high" | "critical" | "unknownFutureValue"; +export type SettingSourceType = "deviceConfiguration" | "deviceIntent"; +export type SetupStatus = | "unknown" - | "other" - | "accountActivation" - | "accountVerification" - | "billing" - | "cleanUpMail" - | "controversial" - | "documentReceived" - | "expense" - | "fax" - | "financeReport" - | "incomingMessages" - | "invoice" - | "itemReceived" - | "loginAlert" - | "mailReceived" - | "password" - | "payment" - | "payroll" - | "personalizedOffer" - | "quarantine" - | "remoteWork" - | "reviewMessage" - | "securityUpdate" - | "serviceSuspended" - | "signatureRequired" - | "upgradeMailboxStorage" - | "verifyMailbox" - | "voicemail" - | "advertisement" - | "employeeEngagement" + | "notRegisteredYet" + | "registeredSetupNotStarted" + | "registeredSetupInProgress" + | "registrationAndSetupCompleted" + | "registrationFailed" + | "registrationTimedOut" + | "disabled"; +export type SharedPCAccountDeletionPolicyType = + | "immediate" + | "diskSpaceThreshold" + | "diskSpaceThresholdOrInactiveThreshold"; +export type SharedPCAllowedAccountType = "notConfigured" | "guest" | "domain"; +export type SharingCapabilities = + | "disabled" + | "externalUserSharingOnly" + | "externalUserAndGuestSharing" + | "existingExternalUserSharingOnly" + | "unknownFutureValue"; +export type SharingDomainRestrictionMode = "none" | "allowList" | "blockList" | "unknownFutureValue"; +export type ShiftWorkCloudPcAccessState = + | "unassigned" + | "noLicensesAvailable" + | "activationFailed" + | "active" + | "activating" + | "unknownFutureValue" + | "standbyMode"; +export type SignInAccessType = + | "none" + | "b2bCollaboration" + | "b2bDirectConnect" + | "microsoftSupport" + | "serviceProvider" + | "unknownFutureValue" + | "passthrough"; +export type SignInAssistantOptions = "notConfigured" | "disabled"; +export type SignInFrequencyAuthenticationType = + | "primaryAndSecondaryAuthentication" + | "secondaryAuthentication" + | "unknownFutureValue"; +export type SignInFrequencyInterval = "timeBased" | "everyTime" | "unknownFutureValue"; +export type SigninFrequencyType = "days" | "hours"; +export type SignInIdentifierType = + | "userPrincipalName" + | "phoneNumber" + | "proxyAddress" + | "qrCode" + | "onPremisesUserPrincipalName" | "unknownFutureValue"; +export type SignInUserType = "member" | "guest" | "unknownFutureValue"; export type SimulationAttackTechnique = | "unknown" | "credentialHarvesting" @@ -5370,7 +5067,8 @@ export type SimulationAttackTechnique = | "linkInAttachment" | "linkToMalwareFile" | "unknownFutureValue" - | "oAuthConsentGrant"; + | "oAuthConsentGrant" + | "phishTraining"; export type SimulationAttackType = "unknown" | "social" | "cloud" | "endpoint" | "unknownFutureValue"; export type SimulationAutomationRunStatus = | "unknown" @@ -5386,19 +5084,322 @@ export type SimulationAutomationStatus = | "running" | "completed" | "unknownFutureValue"; -export type SimulationContentSource = "unknown" | "global" | "tenant" | "unknownFutureValue"; -export type SimulationContentStatus = "unknown" | "draft" | "ready" | "archive" | "delete" | "unknownFutureValue"; -export type SimulationStatus = - | "unknown" - | "draft" +export type SimulationContentSource = "unknown" | "global" | "tenant" | "unknownFutureValue"; +export type SimulationContentStatus = "unknown" | "draft" | "ready" | "archive" | "delete" | "unknownFutureValue"; +export type SimulationStatus = + | "unknown" + | "draft" + | "running" + | "scheduled" + | "succeeded" + | "failed" + | "cancelled" + | "excluded" + | "unknownFutureValue"; +export type SingleSignOnMode = + | "none" + | "onPremisesKerberos" + | "saml" + | "pingHeaderBased" + | "aadHeaderBased" + | "oAuthToken" + | "unknownFutureValue"; +export type SiteAccessType = "block" | "full" | "limited"; +export type SiteSecurityLevel = "userDefined" | "low" | "mediumLow" | "medium" | "mediumHigh" | "high"; +export type SkillProficiencyLevel = + | "elementary" + | "limitedWorking" + | "generalProfessional" + | "advancedProfessional" + | "expert" + | "unknownFutureValue"; +export type SocialIdentitySourceType = "facebook" | "unknownFutureValue"; +export type StagedFeatureName = + | "passthroughAuthentication" + | "seamlessSso" + | "passwordHashSync" + | "emailAsAlternateId" + | "unknownFutureValue" + | "certificateBasedAuthentication"; +export type StateManagementSetting = "notConfigured" | "blocked" | "allowed"; +export type Status = "active" | "updated" | "deleted" | "ignored" | "unknownFutureValue"; +export type StatusDetail = "submitted" | "approved" | "completed" | "canceled" | "rejected" | "unknownFutureValue"; +export type SubjectAlternativeNameType = + | "none" + | "emailAddress" + | "userPrincipalName" + | "customAzureADAttribute" + | "domainNameService" + | "universalResourceIdentifier"; +export type SubjectNameFormat = + | "commonName" + | "commonNameIncludingEmail" + | "commonNameAsEmail" + | "custom" + | "commonNameAsIMEI" + | "commonNameAsSerialNumber" + | "commonNameAsAadDeviceId" + | "commonNameAsIntuneDeviceId" + | "commonNameAsDurableDeviceId"; +export type SubjectRightsRequestStage = + | "contentRetrieval" + | "contentReview" + | "generateReport" + | "contentDeletion" + | "caseResolved" + | "contentEstimate" + | "unknownFutureValue" + | "approval"; +export type SubjectRightsRequestStageStatus = "notStarted" | "current" | "completed" | "failed" | "unknownFutureValue"; +export type SubjectRightsRequestStatus = "active" | "closed" | "unknownFutureValue"; +export type SubjectRightsRequestType = "export" | "delete" | "access" | "tagForAction" | "unknownFutureValue"; +export type SynchronizationDisposition = "Normal" | "Discard" | "Escrow"; +export type SynchronizationJobRestartScope = + | "None" + | "ConnectorDataStore" + | "Escrows" + | "Watermark" + | "QuarantineState" + | "Full" + | "ForceDeletes"; +export type SynchronizationMetadata = + | "galleryApplicationIdentifier" + | "galleryApplicationKey" + | "isOAuthEnabled" + | "IsSynchronizationAgentAssignmentRequired" + | "isSynchronizationAgentRequired" + | "isSynchronizationInPreview" + | "oAuthSettings" + | "synchronizationLearnMoreIbizaFwLink" + | "configurationFields"; +export type SynchronizationScheduleState = "Active" | "Disabled" | "Paused"; +export type SynchronizationSecret = + | "None" + | "UserName" + | "Password" + | "SecretToken" + | "AppKey" + | "BaseAddress" + | "ClientIdentifier" + | "ClientSecret" + | "SingleSignOnType" + | "Sandbox" + | "Url" + | "Domain" + | "ConsumerKey" + | "ConsumerSecret" + | "TokenKey" + | "TokenExpiration" + | "Oauth2AccessToken" + | "Oauth2AccessTokenCreationTime" + | "Oauth2RefreshToken" + | "SyncAll" + | "InstanceName" + | "Oauth2ClientId" + | "Oauth2ClientSecret" + | "CompanyId" + | "UpdateKeyOnSoftDelete" + | "SynchronizationSchedule" + | "SystemOfRecord" + | "SandboxName" + | "EnforceDomain" + | "SyncNotificationSettings" + | "SkipOutOfScopeDeletions" + | "Oauth2AuthorizationCode" + | "Oauth2RedirectUri" + | "ApplicationTemplateIdentifier" + | "Oauth2TokenExchangeUri" + | "Oauth2AuthorizationUri" + | "AuthenticationType" + | "Server" + | "PerformInboundEntitlementGrants" + | "HardDeletesEnabled" + | "SyncAgentCompatibilityKey" + | "SyncAgentADContainer" + | "ValidateDomain" + | "TestReferences" + | "ConnectionString"; +export type SynchronizationStatusCode = "NotConfigured" | "NotRun" | "Active" | "Paused" | "Quarantine"; +export type SynchronizationTaskExecutionResult = "Succeeded" | "Failed" | "EntryLevelErrors"; +export type SystemManagementModeLevel = "notApplicable" | "level1" | "level2" | "level3" | "unknownFutureValue"; +export type TargetedManagedAppGroupType = "selectedPublicApps" | "allCoreMicrosoftApps" | "allMicrosoftApps" | "allApps"; +export type TargettedUserType = "unknown" | "clicked" | "compromised" | "allUsers" | "unknownFutureValue"; +export type TaskStatus = "notStarted" | "inProgress" | "completed" | "waitingOnOthers" | "deferred"; +export type TeamsAppDashboardCardSize = "medium" | "large" | "unknownFutureValue"; +export type TeamsAppDashboardCardSourceType = "bot" | "unknownFutureValue"; +export type TeamsAppDistributionMethod = "store" | "organization" | "sideloaded" | "unknownFutureValue"; +export type TeamsAppInstallationScopes = "team" | "groupChat" | "personal" | "unknownFutureValue"; +export type TeamsAppPublishingState = "submitted" | "rejected" | "published" | "unknownFutureValue"; +export type TeamsAppResourceSpecificPermissionType = "delegated" | "application" | "unknownFutureValue"; +export type TeamsAsyncOperationStatus = + | "invalid" + | "notStarted" + | "inProgress" + | "succeeded" + | "failed" + | "unknownFutureValue"; +export type TeamsAsyncOperationType = + | "invalid" + | "cloneTeam" + | "archiveTeam" + | "unarchiveTeam" + | "createTeam" + | "unknownFutureValue" + | "teamifyGroup" + | "createChannel" + | "createChat" + | "archiveChannel" + | "unarchiveChannel"; +export type TeamSpecialization = + | "none" + | "educationStandard" + | "educationClass" + | "educationProfessionalLearningCommunity" + | "educationStaff" + | "healthcareStandard" + | "healthcareCareCoordination" + | "unknownFutureValue"; +export type TeamTemplateAudience = "organization" | "user" | "public" | "unknownFutureValue"; +export type TeamVisibilityType = "private" | "public" | "hiddenMembership" | "unknownFutureValue"; +export type TeamworkActivityTopicSource = "entityUrl" | "text"; +export type TeamworkApplicationIdentityType = + | "aadApplication" + | "bot" + | "tenantBot" + | "office365Connector" + | "outgoingWebhook" + | "unknownFutureValue"; +export type TeamworkCallEventType = "call" | "meeting" | "screenShare" | "unknownFutureValue"; +export type TeamworkConnectionStatus = "unknown" | "connected" | "disconnected" | "unknownFutureValue"; +export type TeamworkConversationIdentityType = "team" | "channel" | "chat" | "unknownFutureValue"; +export type TeamworkDeviceActivityState = "unknown" | "busy" | "idle" | "unavailable" | "unknownFutureValue"; +export type TeamworkDeviceHealthStatus = + | "unknown" + | "offline" + | "critical" + | "nonUrgent" + | "healthy" + | "unknownFutureValue"; +export type TeamworkDeviceOperationType = + | "deviceRestart" + | "configUpdate" + | "deviceDiagnostics" + | "softwareUpdate" + | "deviceManagementAgentConfigUpdate" + | "remoteLogin" + | "remoteLogout" + | "unknownFutureValue"; +export type TeamworkDeviceType = + | "unknown" + | "ipPhone" + | "teamsRoom" + | "surfaceHub" + | "collaborationBar" + | "teamsDisplay" + | "touchConsole" + | "lowCostPhone" + | "teamsPanel" + | "sip" + | "unknownFutureValue"; +export type TeamworkSoftwareFreshness = "unknown" | "latest" | "updateAvailable" | "unknownFutureValue"; +export type TeamworkSoftwareType = + | "adminAgent" + | "operatingSystem" + | "teamsClient" + | "firmware" + | "partnerAgent" + | "companyPortal" + | "unknownFutureValue"; +export type TeamworkSupportedClient = + | "unknown" + | "skypeDefaultAndTeams" + | "teamsDefaultAndSkype" + | "skypeOnly" + | "teamsOnly" + | "unknownFutureValue"; +export type TeamworkTagType = "standard" | "unknownFutureValue"; +export type TeamworkUserIdentityType = + | "aadUser" + | "onPremiseAadUser" + | "anonymousGuest" + | "federatedUser" + | "personalMicrosoftAccountUser" + | "skypeUser" + | "phoneUser" + | "unknownFutureValue" + | "emailUser" + | "azureCommunicationServicesUser"; +export type TemplateApplicationLevel = "none" | "newPartners" | "existingPartners" | "unknownFutureValue"; +export type TemplateScenarios = + | "new" + | "secureFoundation" + | "zeroTrust" + | "remoteWork" + | "protectAdmins" + | "emergingThreats" + | "unknownFutureValue"; +export type ThreatAssessmentContentType = "mail" | "url" | "file"; +export type ThreatAssessmentRequestPivotProperty = "threatCategory" | "mailDestinationRoutingReason"; +export type ThreatAssessmentRequestSource = "undefined" | "user" | "administrator"; +export type ThreatAssessmentResultType = "checkPolicy" | "rescan" | "unknownFutureValue"; +export type ThreatAssessmentStatus = "pending" | "completed"; +export type ThreatCategory = "undefined" | "spam" | "phishing" | "malware" | "unknownFutureValue"; +export type ThreatExpectedAssessment = "block" | "unblock"; +export type TiAction = "unknown" | "allow" | "block" | "alert" | "unknownFutureValue"; +export type TimeCardState = "clockedIn" | "onBreak" | "clockedOut" | "unknownFutureValue"; +export type TimeOffReasonIconType = + | "none" + | "car" + | "calendar" | "running" - | "scheduled" - | "succeeded" - | "failed" - | "cancelled" - | "excluded" + | "plane" + | "firstAid" + | "doctor" + | "notWorking" + | "clock" + | "juryDuty" + | "globe" + | "cup" + | "phone" + | "weather" + | "umbrella" + | "piggyBank" + | "dog" + | "cake" + | "trafficCone" + | "pin" + | "sunny" | "unknownFutureValue"; -export type TargettedUserType = "unknown" | "clicked" | "compromised" | "allUsers" | "unknownFutureValue"; +export type TimeZoneStandard = "windows" | "iana"; +export type TitleAreaLayoutType = "imageAndTitle" | "plain" | "colorBlock" | "overlap" | "unknownFutureValue"; +export type TitleAreaTextAlignmentType = "left" | "center" | "unknownFutureValue"; +export type TlpLevel = "unknown" | "white" | "green" | "amber" | "red" | "unknownFutureValue"; +export type TokenIssuerType = + | "AzureAD" + | "ADFederationServices" + | "UnknownFutureValue" + | "AzureADBackupAuth" + | "ADFederationServicesMFAAdapter" + | "NPSExtension"; +export type TokenProtectionStatus = "none" | "bound" | "unbound" | "unknownFutureValue"; +export type Tone = + | "tone0" + | "tone1" + | "tone2" + | "tone3" + | "tone4" + | "tone5" + | "tone6" + | "tone7" + | "tone8" + | "tone9" + | "star" + | "pound" + | "a" + | "b" + | "c" + | "d" + | "flash"; export type TrainingAssignedTo = | "none" | "allUsers" @@ -5424,186 +5425,142 @@ export type TrainingSettingType = | "unknownFutureValue"; export type TrainingStatus = "unknown" | "assigned" | "inProgress" | "completed" | "overdue" | "unknownFutureValue"; export type TrainingType = "unknown" | "phishing" | "unknownFutureValue"; -export type AccountStatus = "unknown" | "staged" | "active" | "suspended" | "deleted" | "unknownFutureValue"; -export type AlertFeedback = "unknown" | "truePositive" | "falsePositive" | "benignPositive" | "unknownFutureValue"; -export type AlertStatus = "unknown" | "newAlert" | "inProgress" | "resolved" | "dismissed" | "unknownFutureValue"; -export type ApplicationPermissionsRequired = - | "unknown" - | "anonymous" - | "guest" - | "user" - | "administrator" - | "system" +export type TranslationBehavior = "Ask" | "Yes" | "No"; +export type UnifiedRoleScheduleRequestActions = + | "adminAssign" + | "adminUpdate" + | "adminRemove" + | "selfActivate" + | "selfDeactivate" + | "adminExtend" + | "adminRenew" + | "selfExtend" + | "selfRenew" | "unknownFutureValue"; -export type ConnectionDirection = "unknown" | "inbound" | "outbound" | "unknownFutureValue"; -export type ConnectionStatus = "unknown" | "attempted" | "succeeded" | "blocked" | "failed" | "unknownFutureValue"; -export type DiamondModel = "unknown" | "adversary" | "capability" | "infrastructure" | "victim" | "unknownFutureValue"; -export type EmailRole = "unknown" | "sender" | "recipient" | "unknownFutureValue"; -export type FileHashType = - | "unknown" - | "sha1" - | "sha256" - | "md5" - | "authenticodeHash256" - | "lsHash" - | "ctph" +export type UpdateClassification = "userDefined" | "recommendedAndImportant" | "important" | "none"; +export type UsageAuthMethod = + | "email" + | "mobileSMS" + | "mobileCall" + | "officePhone" + | "securityQuestion" + | "appNotification" + | "appCode" + | "alternateMobileCall" + | "fido" + | "appPassword" | "unknownFutureValue"; -export type LogonType = - | "unknown" - | "interactive" - | "remoteInteractive" - | "network" - | "batch" - | "service" +export type UsageRightState = "active" | "inactive" | "warning" | "suspended" | "unknownFutureValue"; +export type UserAccountSecurityType = "unknown" | "standard" | "power" | "administrator" | "unknownFutureValue"; +export type UserAction = "registerSecurityInformation" | "registerOrJoinDevices" | "unknownFutureValue"; +export type UserDefaultAuthenticationMethod = + | "push" + | "oath" + | "voiceMobile" + | "voiceAlternateMobile" + | "voiceOffice" + | "sms" + | "none" | "unknownFutureValue"; -export type ProcessIntegrityLevel = - | "unknown" - | "untrusted" - | "low" - | "medium" +export type UserDefaultAuthenticationMethodType = + | "push" + | "oath" + | "voiceMobile" + | "voiceAlternateMobile" + | "voiceOffice" + | "sms" + | "unknownFutureValue"; +export type UserEmailSource = "userPrincipalName" | "primarySmtpAddress"; +export type UserExperienceAnalyticsAnomalyCorrelationGroupPrevalence = "high" | "medium" | "low" | "unknownFutureValue"; +export type UserExperienceAnalyticsAnomalyDeviceFeatureType = + | "manufacturer" + | "model" + | "osVersion" + | "application" + | "driver" + | "unknownFutureValue"; +export type UserExperienceAnalyticsAnomalySeverity = | "high" - | "system" + | "medium" + | "low" + | "informational" + | "other" | "unknownFutureValue"; -export type RegistryHive = - | "unknown" - | "currentConfig" - | "currentUser" - | "localMachineSam" - | "localMachineSecurity" - | "localMachineSoftware" - | "localMachineSystem" - | "usersDefault" +export type UserExperienceAnalyticsAnomalyState = + | "new" + | "active" + | "disabled" + | "removed" + | "other" | "unknownFutureValue"; -export type RegistryOperation = "unknown" | "create" | "modify" | "delete" | "unknownFutureValue"; -export type RegistryValueType = - | "unknown" - | "binary" - | "dword" - | "dwordLittleEndian" - | "dwordBigEndian" - | "expandSz" - | "link" - | "multiSz" - | "none" - | "qword" - | "qwordlittleEndian" - | "sz" +export type UserExperienceAnalyticsAnomalyType = + | "device" + | "application" + | "stopError" + | "driver" + | "other" | "unknownFutureValue"; -export type SecurityNetworkProtocol = +export type UserExperienceAnalyticsDeviceStatus = "anomalous" | "affected" | "atRisk" | "unknownFutureValue"; +export type UserExperienceAnalyticsHealthState = | "unknown" - | "ip" - | "icmp" - | "igmp" - | "ggp" - | "ipv4" - | "tcp" - | "pup" - | "udp" - | "idp" - | "ipv6" - | "ipv6RoutingHeader" - | "ipv6FragmentHeader" - | "ipSecEncapsulatingSecurityPayload" - | "ipSecAuthenticationHeader" - | "icmpV6" - | "ipv6NoNextHeader" - | "ipv6DestinationOptions" - | "nd" - | "raw" - | "ipx" - | "spx" - | "spxII" - | "unknownFutureValue"; -export type SecurityResourceType = "unknown" | "attacked" | "related" | "unknownFutureValue"; -export type TiAction = "unknown" | "allow" | "block" | "alert" | "unknownFutureValue"; -export type TlpLevel = "unknown" | "white" | "green" | "amber" | "red" | "unknownFutureValue"; -export type UserAccountSecurityType = "unknown" | "standard" | "power" | "administrator" | "unknownFutureValue"; -export type AccessLevel = "everyone" | "invited" | "locked" | "sameEnterprise" | "sameEnterpriseAndFederated"; -export type AutoAdmittedUsersType = "everyoneInCompany" | "everyone"; -export type BroadcastMeetingAudience = "roleIsAttendee" | "organization" | "everyone" | "unknownFutureValue"; -export type CallDirection = "incoming" | "outgoing"; -export type CallDisposition = "default" | "simultaneousRing" | "forward"; -export type CallEventType = "callStarted" | "callEnded" | "unknownFutureValue"; -export type CallState = - | "incoming" - | "establishing" - | "ringing" - | "established" - | "hold" - | "transferring" - | "transferAccepted" - | "redirecting" - | "terminating" - | "terminated" + | "insufficientData" + | "needsAttention" + | "meetingGoals" | "unknownFutureValue"; -export type CallTranscriptionState = "notStarted" | "active" | "inactive" | "unknownFutureValue"; -export type ChangeType = "created" | "updated" | "deleted"; -export type EndpointType = - | "default" - | "voicemail" - | "skypeForBusiness" - | "skypeForBusinessVoipPhone" +export type UserExperienceAnalyticsInsightSeverity = + | "none" + | "informational" + | "warning" + | "error" | "unknownFutureValue"; -export type MediaDirection = "inactive" | "sendOnly" | "receiveOnly" | "sendReceive"; -export type MediaState = "active" | "inactive" | "unknownFutureValue"; -export type MeetingAudience = "everyone" | "organization" | "unknownFutureValue"; -export type MeetingCapabilities = "questionAndAnswer" | "unknownFutureValue"; -export type MeetingChatHistoryDefaultMode = "none" | "all" | "unknownFutureValue"; -export type MeetingRegistrantStatus = "registered" | "canceled" | "processing" | "unknownFutureValue"; -export type Modality = "unknown" | "audio" | "video" | "videoBasedScreenSharing" | "data" | "unknownFutureValue"; -export type OnlineMeetingContentSharingDisabledReason = "watermarkProtection" | "unknownFutureValue"; -export type OnlineMeetingRole = "attendee" | "presenter" | "unknownFutureValue" | "producer" | "coorganizer"; -export type OnlineMeetingVideoDisabledReason = "watermarkProtection" | "unknownFutureValue"; -export type PlayPromptCompletionReason = +export type UserExperienceAnalyticsMachineType = "unknown" | "physical" | "virtual" | "unknownFutureValue"; +export type UserExperienceAnalyticsOperatingSystemRestartCategory = | "unknown" - | "completedSuccessfully" - | "mediaOperationCanceled" + | "restartWithUpdate" + | "restartWithoutUpdate" + | "blueScreen" + | "shutdownWithUpdate" + | "shutdownWithoutUpdate" + | "longPowerButtonPress" + | "bootError" + | "update" | "unknownFutureValue"; -export type RecordCompletionReason = - | "operationCanceled" - | "stopToneDetected" - | "maxRecordDurationReached" - | "initialSilenceTimeout" - | "maxSilenceTimeout" - | "playPromptFailed" - | "playBeepFailed" - | "mediaReceiveTimeout" - | "unspecifiedError"; -export type RecordingStatus = "unknown" | "notRecording" | "recording" | "failed" | "unknownFutureValue"; -export type RejectReason = "none" | "busy" | "forbidden" | "unknownFutureValue"; -export type RoutingMode = "oneToOne" | "multicast"; -export type RoutingPolicy = +export type UserExperienceAnalyticsSummarizedBy = | "none" - | "noMissedCall" - | "disableForwardingExceptPhone" - | "disableForwarding" - | "preferSkypeForBusiness" + | "model" + | "allRegressions" + | "modelRegression" + | "manufacturerRegression" + | "operatingSystemVersionRegression" | "unknownFutureValue"; -export type RoutingType = "forwarded" | "lookup" | "selfFork" | "unknownFutureValue"; -export type ScreenSharingRole = "viewer" | "sharer"; -export type SendDtmfCompletionReason = +export type UserFlowType = + | "signUp" + | "signIn" + | "signUpOrSignIn" + | "passwordReset" + | "profileUpdate" + | "resourceOwner" + | "unknownFutureValue"; +export type UsernameSource = "userPrincipalName" | "primarySmtpAddress" | "samAccountName"; +export type UserNewMessageRestriction = "everyone" | "everyoneExceptGuests" | "moderators" | "unknownFutureValue"; +export type UserPfxIntendedPurpose = "unassigned" | "smimeEncryption" | "smimeSigning" | "vpn" | "wifi"; +export type UserPfxPaddingScheme = "none" | "pkcs1" | "oaepSha1" | "oaepSha256" | "oaepSha384" | "oaepSha512"; +export type UserPurpose = | "unknown" - | "completedSuccessfully" - | "mediaOperationCanceled" + | "user" + | "linked" + | "shared" + | "room" + | "equipment" + | "others" | "unknownFutureValue"; -export type Tone = - | "tone0" - | "tone1" - | "tone2" - | "tone3" - | "tone4" - | "tone5" - | "tone6" - | "tone7" - | "tone8" - | "tone9" - | "star" - | "pound" - | "a" - | "b" - | "c" - | "d" - | "flash"; +export type UserSignInRecommendationScope = "tenant" | "application" | "unknownFutureValue"; +export type UserType = "member" | "guest" | "unknownFutureValue"; +export type VerifiableCredentialPresentationStatusCode = + | "request_retrieved" + | "presentation_verified" + | "unknownFutureValue"; +export type VirtualAppointmentMessageType = "confirmation" | "reschedule" | "cancellation" | "unknownFutureValue"; export type VirtualEventAttendeeRegistrationStatus = | "registered" | "canceled" @@ -5629,229 +5586,487 @@ export type VirtualEventRegistrationQuestionAnswerInputType = | "boolean" | "unknownFutureValue"; export type VirtualEventStatus = "draft" | "published" | "canceled" | "unknownFutureValue"; -export type AttestationLevel = "attested" | "notAttested" | "unknownFutureValue"; -export type AuthenticationMethodKeyStrength = "normal" | "weak" | "unknown"; -export type AuthenticationMethodPlatform = +export type VisibilitySetting = "notConfigured" | "hide" | "show"; +export type VolumeType = "operatingSystemVolume" | "fixedDataVolume" | "removableDataVolume" | "unknownFutureValue"; +export type VpnAuthenticationMethod = + | "certificate" + | "usernameAndPassword" + | "sharedSecret" + | "derivedCredential" + | "azureAD"; +export type VpnClientAuthenticationType = "userAuthentication" | "deviceAuthentication"; +export type VpnDeadPeerDetectionRate = "medium" | "none" | "low" | "high"; +export type VpnEncryptionAlgorithmType = + | "aes256" + | "des" + | "tripleDes" + | "aes128" + | "aes128Gcm" + | "aes256Gcm" + | "aes192" + | "aes192Gcm" + | "chaCha20Poly1305"; +export type VpnIntegrityAlgorithmType = "sha2_256" | "sha1_96" | "sha1_160" | "sha2_384" | "sha2_512" | "md5"; +export type VpnLocalIdentifier = "deviceFQDN" | "empty" | "clientCertificateSubjectName"; +export type VpnOnDemandRuleConnectionAction = "connect" | "evaluateConnection" | "ignore" | "disconnect"; +export type VpnOnDemandRuleConnectionDomainAction = "connectIfNeeded" | "neverConnect"; +export type VpnOnDemandRuleInterfaceTypeMatch = "notConfigured" | "ethernet" | "wiFi" | "cellular"; +export type VpnProviderType = "notConfigured" | "appProxy" | "packetTunnel"; +export type VpnServerCertificateType = "rsa" | "ecdsa256" | "ecdsa384" | "ecdsa521"; +export type VpnServiceExceptionAction = "forceTrafficViaVPN" | "allowTrafficOutside" | "dropTraffic"; +export type VpnTrafficDirection = "outbound" | "inbound" | "unknownFutureValue"; +export type VpnTrafficRuleAppType = "none" | "desktop" | "universal"; +export type VpnTrafficRuleRoutingPolicyType = "none" | "splitTunnel" | "forceTunnel"; +export type VpnTunnelConfigurationType = "wifiAndCellular" | "cellular" | "wifi"; +export type VppTokenAccountType = "business" | "education"; +export type VppTokenActionFailureReason = + | "none" + | "appleFailure" + | "internalError" + | "expiredVppToken" + | "expiredApplePushNotificationCertificate"; +export type VppTokenState = | "unknown" - | "windows" - | "macOS" - | "iOS" - | "android" - | "linux" - | "unknownFutureValue"; -export type AuthenticationMethodSignInState = - | "notSupported" - | "notAllowedByPolicy" - | "notEnabled" - | "phoneNumberNotUnique" - | "ready" + | "valid" + | "expired" + | "invalid" + | "assignedToExternalMDM" + | "duplicateLocationId"; +export type VppTokenSyncStatus = "none" | "inProgress" | "completed" | "failed"; +export type WatermarkLayout = "horizontal" | "diagonal"; +export type WeakAlgorithms = "rsaSha1" | "unknownFutureValue"; +export type WebBrowserCookieSettings = + | "browserDefault" + | "blockAlways" + | "allowCurrentWebSite" + | "allowFromWebsitesVisited" + | "allowAlways"; +export type WebsiteType = "other" | "home" | "work" | "blog" | "profile"; +export type WeekIndex = "first" | "second" | "third" | "fourth" | "last"; +export type WeeklySchedule = + | "userDefined" + | "everyday" + | "sunday" + | "monday" + | "tuesday" + | "wednesday" + | "thursday" + | "friday" + | "saturday" + | "noScheduledScan"; +export type WelcomeScreenMeetingInformation = + | "userDefined" + | "showOrganizerAndTimeOnly" + | "showOrganizerAndTimeAndSubject"; +export type WellknownListName = "none" | "defaultList" | "flaggedEmails" | "unknownFutureValue"; +export type WiFiAuthenticationMethod = "certificate" | "usernameAndPassword" | "derivedCredential"; +export type WifiAuthenticationType = "none" | "user" | "machine" | "machineOrUser" | "guest"; +export type WiFiProxySetting = "none" | "manual" | "automatic" | "unknownFutureValue"; +export type WiFiSecurityType = "open" | "wpaPersonal" | "wpaEnterprise" | "wep" | "wpa2Personal" | "wpa2Enterprise"; +export type Win32LobAppAutoUpdateSupersededApps = "notConfigured" | "enabled" | "unknownFutureValue"; +export type Win32LobAppDeliveryOptimizationPriority = "notConfigured" | "foreground"; +export type Win32LobAppDetectionOperator = + | "notConfigured" + | "equal" + | "notEqual" + | "greaterThan" + | "greaterThanOrEqual" + | "lessThan" + | "lessThanOrEqual"; +export type Win32LobAppFileSystemDetectionType = + | "notConfigured" + | "exists" + | "modifiedDate" + | "createdDate" + | "version" + | "sizeInMB" + | "doesNotExist"; +export type Win32LobAppFileSystemOperationType = + | "notConfigured" + | "exists" + | "modifiedDate" + | "createdDate" + | "version" + | "sizeInMB" + | "doesNotExist" + | "sizeInBytes" + | "appVersion" + | "unknownFutureValue"; +export type Win32LobAppMsiPackageType = "perMachine" | "perUser" | "dualPurpose"; +export type Win32LobAppNotification = "showAll" | "showReboot" | "hideAll"; +export type Win32LobAppPowerShellScriptDetectionType = | "notConfigured" - | "unknownFutureValue"; -export type AuthenticationPhoneType = "mobile" | "alternateMobile" | "office" | "unknownFutureValue"; -export type MicrosoftAuthenticatorAuthenticationMethodClientAppName = - | "microsoftAuthenticator" - | "outlookMobile" - | "unknownFutureValue"; -export type UserDefaultAuthenticationMethodType = - | "push" - | "oath" - | "voiceMobile" - | "voiceAlternateMobile" - | "voiceOffice" - | "sms" - | "unknownFutureValue"; -export type LifecycleEventType = "missed" | "subscriptionRemoved" | "reauthorizationRequired"; -export type BinaryOperator = "or" | "and"; -export type AccessType = "grant" | "deny"; -export type AclType = "user" | "group" | "everyone" | "everyoneExceptGuests" | "externalGroup" | "unknownFutureValue"; -export type ConnectionOperationStatus = "unspecified" | "inprogress" | "completed" | "failed"; -export type ConnectionState = "draft" | "ready" | "obsolete" | "limitExceeded" | "unknownFutureValue"; -export type ExternalItemContentType = "text" | "html" | "unknownFutureValue"; -export type IdentitySourceType = "azureActiveDirectory" | "external"; -export type Label = - | "title" - | "url" - | "createdBy" - | "lastModifiedBy" - | "authors" - | "createdDateTime" - | "lastModifiedDateTime" - | "fileName" - | "fileExtension"; -export type PropertyType = | "string" - | "int64" - | "double" | "dateTime" - | "boolean" - | "stringCollection" - | "int64Collection" - | "doubleCollection" - | "dateTimeCollection"; -export type CallRecordingStatus = "success" | "failure" | "initial" | "chunkFinished" | "unknownFutureValue"; -export type ChannelMembershipType = "standard" | "private" | "unknownFutureValue" | "shared"; -export type ChatMessageActions = "reactionAdded" | "reactionRemoved" | "actionUndefined" | "unknownFutureValue"; -export type ChatMessageImportance = "normal" | "high" | "urgent"; -export type ChatMessagePolicyViolationDlpActionTypes = "none" | "notifySender" | "blockAccess" | "blockAccessExternal"; -export type ChatMessagePolicyViolationUserActionTypes = "none" | "override" | "reportFalsePositive"; -export type ChatMessagePolicyViolationVerdictDetailsTypes = - | "none" - | "allowFalsePositiveOverride" - | "allowOverrideWithoutJustification" - | "allowOverrideWithJustification"; -export type ChatMessageType = "message" | "chatEvent" | "typing" | "unknownFutureValue" | "systemEventMessage"; -export type ChatType = "oneOnOne" | "group" | "meeting" | "unknownFutureValue"; -export type ClonableTeamParts = "apps" | "tabs" | "settings" | "channels" | "members"; -export type GiphyRatingType = "strict" | "moderate" | "unknownFutureValue"; -export type ReplyRestriction = "everyone" | "authorAndModerators" | "unknownFutureValue"; -export type TeamsAppDistributionMethod = "store" | "organization" | "sideloaded" | "unknownFutureValue"; -export type TeamsAppInstallationScopes = "team" | "groupChat" | "personal" | "unknownFutureValue"; -export type TeamsAppPublishingState = "submitted" | "rejected" | "published" | "unknownFutureValue"; -export type TeamsAppResourceSpecificPermissionType = "delegated" | "application" | "unknownFutureValue"; -export type TeamsAsyncOperationStatus = - | "invalid" - | "notStarted" - | "inProgress" - | "succeeded" - | "failed" + | "integer" + | "float" + | "version" + | "boolean"; +export type Win32LobAppPowerShellScriptRuleOperationType = + | "notConfigured" + | "string" + | "dateTime" + | "integer" + | "float" + | "version" + | "boolean"; +export type Win32LobAppRegistryDetectionType = + | "notConfigured" + | "exists" + | "doesNotExist" + | "string" + | "integer" + | "version"; +export type Win32LobAppRegistryRuleOperationType = + | "notConfigured" + | "exists" + | "doesNotExist" + | "string" + | "integer" + | "version" + | "appVersion" | "unknownFutureValue"; -export type TeamsAsyncOperationType = - | "invalid" - | "cloneTeam" - | "archiveTeam" - | "unarchiveTeam" - | "createTeam" +export type Win32LobAppRestartBehavior = "basedOnReturnCode" | "allow" | "suppress" | "force"; +export type Win32LobAppReturnCodeType = "failed" | "success" | "softReboot" | "hardReboot" | "retry"; +export type Win32LobAppRuleOperator = + | "notConfigured" + | "equal" + | "notEqual" + | "greaterThan" + | "greaterThanOrEqual" + | "lessThan" + | "lessThanOrEqual"; +export type Win32LobAppRuleType = "detection" | "requirement"; +export type Windows10AppsUpdateRecurrence = "none" | "daily" | "weekly" | "monthly"; +export type Windows10AppType = "desktop" | "universal"; +export type Windows10DeviceModeType = "standardConfiguration" | "sModeConfiguration"; +export type Windows10EditionType = + | "windows10Enterprise" + | "windows10EnterpriseN" + | "windows10Education" + | "windows10EducationN" + | "windows10MobileEnterprise" + | "windows10HolographicEnterprise" + | "windows10Professional" + | "windows10ProfessionalN" + | "windows10ProfessionalEducation" + | "windows10ProfessionalEducationN" + | "windows10ProfessionalWorkstation" + | "windows10ProfessionalWorkstationN" + | "notConfigured" + | "windows10Home" + | "windows10HomeChina" + | "windows10HomeN" + | "windows10HomeSingleLanguage" + | "windows10Mobile" + | "windows10IoTCore" + | "windows10IoTCoreCommercial"; +export type Windows10VpnAuthenticationMethod = + | "certificate" + | "usernameAndPassword" + | "customEapXml" + | "derivedCredential"; +export type Windows10VpnConnectionType = + | "pulseSecure" + | "f5EdgeClient" + | "dellSonicWallMobileConnect" + | "checkPointCapsuleVpn" + | "automatic" + | "ikEv2" + | "l2tp" + | "pptp" + | "citrix" + | "paloAltoGlobalProtect" + | "ciscoAnyConnect" | "unknownFutureValue" - | "teamifyGroup" - | "createChannel" - | "createChat"; -export type TeamSpecialization = - | "none" - | "educationStandard" - | "educationClass" - | "educationProfessionalLearningCommunity" - | "educationStaff" - | "healthcareStandard" - | "healthcareCareCoordination" - | "unknownFutureValue"; -export type TeamTemplateAudience = "organization" | "user" | "public" | "unknownFutureValue"; -export type TeamVisibilityType = "private" | "public" | "hiddenMembership" | "unknownFutureValue"; -export type TeamworkActivityTopicSource = "entityUrl" | "text"; -export type TeamworkApplicationIdentityType = - | "aadApplication" - | "bot" - | "tenantBot" - | "office365Connector" - | "outgoingWebhook" - | "unknownFutureValue"; -export type TeamworkCallEventType = "call" | "meeting" | "screenShare" | "unknownFutureValue"; -export type TeamworkConnectionStatus = "unknown" | "connected" | "disconnected" | "unknownFutureValue"; -export type TeamworkConversationIdentityType = "team" | "channel" | "chat" | "unknownFutureValue"; -export type TeamworkDeviceActivityState = "unknown" | "busy" | "idle" | "unavailable" | "unknownFutureValue"; -export type TeamworkDeviceHealthStatus = + | "microsoftTunnel"; +export type Windows10VpnProfileTarget = "user" | "device" | "autoPilotDevice"; +export type WindowsAppStartLayoutTileSize = "hidden" | "small" | "medium" | "wide" | "large"; +export type WindowsArchitecture = "none" | "x86" | "x64" | "arm" | "neutral" | "arm64"; +export type WindowsAutopilotDeploymentState = | "unknown" - | "offline" - | "critical" - | "nonUrgent" - | "healthy" - | "unknownFutureValue"; -export type TeamworkDeviceOperationType = - | "deviceRestart" - | "configUpdate" - | "deviceDiagnostics" - | "softwareUpdate" - | "deviceManagementAgentConfigUpdate" - | "remoteLogin" - | "remoteLogout" - | "unknownFutureValue"; -export type TeamworkDeviceType = + | "success" + | "inProgress" + | "failure" + | "successWithTimeout" + | "notAttempted" + | "disabled" + | "successOnRetry"; +export type WindowsAutopilotDeviceRemediationState = | "unknown" - | "ipPhone" - | "teamsRoom" - | "surfaceHub" - | "collaborationBar" - | "teamsDisplay" - | "touchConsole" - | "lowCostPhone" - | "teamsPanel" - | "sip" + | "noRemediationRequired" + | "automaticRemediationRequired" + | "manualRemediationRequired" | "unknownFutureValue"; -export type TeamworkSoftwareFreshness = "unknown" | "latest" | "updateAvailable" | "unknownFutureValue"; -export type TeamworkSoftwareType = - | "adminAgent" - | "operatingSystem" - | "teamsClient" - | "firmware" - | "partnerAgent" - | "companyPortal" +export type WindowsAutopilotDeviceType = + | "windowsPc" + | "surfaceHub2" + | "holoLens" + | "surfaceHub2S" + | "virtualMachine" | "unknownFutureValue"; -export type TeamworkSupportedClient = +export type WindowsAutopilotEnrollmentType = | "unknown" - | "skypeDefaultAndTeams" - | "teamsDefaultAndSkype" - | "skypeOnly" - | "teamsOnly" - | "unknownFutureValue"; -export type TeamworkTagType = "standard" | "unknownFutureValue"; -export type TeamworkUserIdentityType = - | "aadUser" - | "onPremiseAadUser" - | "anonymousGuest" - | "federatedUser" - | "personalMicrosoftAccountUser" - | "skypeUser" - | "phoneUser" - | "unknownFutureValue" - | "emailUser" - | "azureCommunicationServicesUser"; -export type UserNewMessageRestriction = "everyone" | "everyoneExceptGuests" | "moderators" | "unknownFutureValue"; -export type ConfirmedBy = "none" | "user" | "manager" | "unknownFutureValue"; -export type EligibilityFilteringEnabledEntities = + | "azureADJoinedWithAutopilotProfile" + | "offlineDomainJoined" + | "azureADJoinedUsingDeviceAuthWithAutopilotProfile" + | "azureADJoinedUsingDeviceAuthWithoutAutopilotProfile" + | "azureADJoinedWithOfflineAutopilotProfile" + | "azureADJoinedWithWhiteGlove" + | "offlineDomainJoinedWithWhiteGlove" + | "offlineDomainJoinedWithOfflineAutopilotProfile"; +export type WindowsAutopilotProfileAssignmentDetailedStatus = | "none" - | "swapRequest" - | "offerShiftRequest" - | "unknownFutureValue" - | "timeOffReason"; -export type ScheduleChangeRequestActor = "sender" | "recipient" | "manager" | "system" | "unknownFutureValue"; -export type ScheduleChangeState = "pending" | "approved" | "declined" | "unknownFutureValue"; -export type ScheduleEntityTheme = - | "white" - | "blue" - | "green" - | "purple" - | "pink" - | "yellow" - | "gray" - | "darkBlue" - | "darkGreen" - | "darkPurple" - | "darkPink" - | "darkYellow" + | "hardwareRequirementsNotMet" + | "surfaceHubProfileNotSupported" + | "holoLensProfileNotSupported" + | "windowsPcProfileNotSupported" + | "surfaceHub2SProfileNotSupported" | "unknownFutureValue"; -export type TimeCardState = "clockedIn" | "onBreak" | "clockedOut" | "unknownFutureValue"; -export type TimeOffReasonIconType = - | "none" - | "car" +export type WindowsAutopilotProfileAssignmentStatus = + | "unknown" + | "assignedInSync" + | "assignedOutOfSync" + | "assignedUnkownSyncState" + | "notAssigned" + | "pending" + | "failed"; +export type WindowsAutopilotSyncStatus = "unknown" | "inProgress" | "completed" | "failed"; +export type WindowsAutopilotUserlessEnrollmentStatus = "unknown" | "allowed" | "blocked" | "unknownFutureValue"; +export type WindowsDefenderApplicationControlSupplementalPolicyStatuses = + | "unknown" + | "success" + | "tokenError" + | "notAuthorizedByToken" + | "policyNotFound"; +export type WindowsDefenderProductStatus = + | "noStatus" + | "serviceNotRunning" + | "serviceStartedWithoutMalwareProtection" + | "pendingFullScanDueToThreatAction" + | "pendingRebootDueToThreatAction" + | "pendingManualStepsDueToThreatAction" + | "avSignaturesOutOfDate" + | "asSignaturesOutOfDate" + | "noQuickScanHappenedForSpecifiedPeriod" + | "noFullScanHappenedForSpecifiedPeriod" + | "systemInitiatedScanInProgress" + | "systemInitiatedCleanInProgress" + | "samplesPendingSubmission" + | "productRunningInEvaluationMode" + | "productRunningInNonGenuineMode" + | "productExpired" + | "offlineScanRequired" + | "serviceShutdownAsPartOfSystemShutdown" + | "threatRemediationFailedCritically" + | "threatRemediationFailedNonCritically" + | "noStatusFlagsSet" + | "platformOutOfDate" + | "platformUpdateInProgress" + | "platformAboutToBeOutdated" + | "signatureOrPlatformEndOfLifeIsPastOrIsImpending" + | "windowsSModeSignaturesInUseOnNonWin10SInstall"; +export type WindowsDefenderTamperProtectionOptions = "notConfigured" | "enable" | "disable"; +export type WindowsDeliveryOptimizationMode = + | "userDefined" + | "httpOnly" + | "httpWithPeeringNat" + | "httpWithPeeringPrivateGroup" + | "httpWithInternetPeering" + | "simpleDownload" + | "bypassMode"; +export type WindowsDeviceHealthState = + | "clean" + | "fullScanPending" + | "rebootPending" + | "manualStepsPending" + | "offlineScanPending" + | "critical"; +export type WindowsDeviceType = "none" | "desktop" | "mobile" | "holographic" | "team" | "unknownFutureValue"; +export type WindowsDeviceUsageType = "singleUser" | "shared"; +export type WindowsDriverUpdateProfileInventorySyncState = "pending" | "success" | "failure"; +export type WindowsEdgeKioskType = "publicBrowsing" | "fullScreen"; +export type WindowsFirewallRuleInterfaceTypes = "notConfigured" | "remoteAccess" | "wireless" | "lan"; +export type WindowsFirewallRuleNetworkProfileTypes = "notConfigured" | "domain" | "private" | "public"; +export type WindowsFirewallRuleTrafficDirectionType = "notConfigured" | "out" | "in"; +export type WindowsHealthMonitoringScope = + | "undefined" + | "healthMonitoring" + | "bootPerformance" + | "windowsUpdates" + | "privilegeManagement"; +export type WindowsHelloForBusinessPinUsage = "allowed" | "required" | "disallowed"; +export type WindowsInformationProtectionEnforcementLevel = + | "noProtection" + | "encryptAndAuditOnly" + | "encryptAuditAndPrompt" + | "encryptAuditAndBlock"; +export type WindowsInformationProtectionPinCharacterRequirements = "notAllow" | "requireAtLeastOne" | "allow"; +export type WindowsKioskAppType = "unknown" | "store" | "desktop" | "aumId"; +export type WindowsMalwareCategory = + | "invalid" + | "adware" + | "spyware" + | "passwordStealer" + | "trojanDownloader" + | "worm" + | "backdoor" + | "remoteAccessTrojan" + | "trojan" + | "emailFlooder" + | "keylogger" + | "dialer" + | "monitoringSoftware" + | "browserModifier" + | "cookie" + | "browserPlugin" + | "aolExploit" + | "nuker" + | "securityDisabler" + | "jokeProgram" + | "hostileActiveXControl" + | "softwareBundler" + | "stealthNotifier" + | "settingsModifier" + | "toolBar" + | "remoteControlSoftware" + | "trojanFtp" + | "potentialUnwantedSoftware" + | "icqExploit" + | "trojanTelnet" + | "exploit" + | "filesharingProgram" + | "malwareCreationTool" + | "remote_Control_Software" + | "tool" + | "trojanDenialOfService" + | "trojanDropper" + | "trojanMassMailer" + | "trojanMonitoringSoftware" + | "trojanProxyServer" + | "virus" + | "known" + | "unknown" + | "spp" + | "behavior" + | "vulnerability" + | "policy" + | "enterpriseUnwantedSoftware" + | "ransom" + | "hipsRule"; +export type WindowsMalwareExecutionState = "unknown" | "blocked" | "allowed" | "running" | "notRunning"; +export type WindowsMalwareSeverity = "unknown" | "low" | "moderate" | "high" | "severe"; +export type WindowsMalwareState = + | "unknown" + | "detected" + | "cleaned" + | "quarantined" + | "removed" + | "allowed" + | "blocked" + | "cleanFailed" + | "quarantineFailed" + | "removeFailed" + | "allowFailed" + | "abandoned" + | "blockFailed"; +export type WindowsMalwareThreatState = + | "active" + | "actionFailed" + | "manualStepsRequired" + | "fullScanRequired" + | "rebootRequired" + | "remediatedWithNonCriticalFailures" + | "quarantined" + | "removed" + | "cleaned" + | "allowed" + | "noStatusCleared"; +export type WindowsManagedAppClipboardSharingLevel = "anyDestinationAnySource" | "none"; +export type WindowsManagedAppDataTransferLevel = "allApps" | "none"; +export type WindowsPrivacyDataAccessLevel = "notConfigured" | "forceAllow" | "forceDeny" | "userInControl"; +export type WindowsPrivacyDataCategory = + | "notConfigured" + | "accountInfo" + | "appsRunInBackground" | "calendar" - | "running" - | "plane" - | "firstAid" - | "doctor" - | "notWorking" - | "clock" - | "juryDuty" - | "globe" - | "cup" + | "callHistory" + | "camera" + | "contacts" + | "diagnosticsInfo" + | "email" + | "location" + | "messaging" + | "microphone" + | "motion" + | "notifications" | "phone" - | "weather" - | "umbrella" - | "piggyBank" - | "dog" - | "cake" - | "trafficCone" - | "pin" - | "sunny" + | "radios" + | "tasks" + | "syncWithDevices" + | "trustedDevices"; +export type WindowsQualityUpdateClassification = "all" | "security" | "nonSecurity"; +export type WindowsSettingType = "roaming" | "backup" | "unknownFutureValue"; +export type WindowsSModeConfiguration = "noRestriction" | "block" | "unlock"; +export type WindowsSpotlightEnablementSettings = "notConfigured" | "disabled" | "enabled"; +export type WindowsStartMenuAppListVisibilityType = "userDefined" | "collapse" | "remove" | "disableSettingsApp"; +export type WindowsStartMenuModeType = "userDefined" | "fullScreen" | "nonFullScreen"; +export type WindowsUpdateForBusinessUpdateWeeks = + | "userDefined" + | "firstWeek" + | "secondWeek" + | "thirdWeek" + | "fourthWeek" + | "everyWeek" + | "unknownFutureValue"; +export type WindowsUpdateNotificationDisplayOption = + | "notConfigured" + | "defaultNotifications" + | "restartWarningsOnly" + | "disableAllNotifications" + | "unknownFutureValue"; +export type WindowsUpdateStatus = "upToDate" | "pendingInstallation" | "pendingReboot" | "failed"; +export type WindowsUpdateType = + | "userDefined" + | "all" + | "businessReadyOnly" + | "windowsInsiderBuildFast" + | "windowsInsiderBuildSlow" + | "windowsInsiderBuildRelease"; +export type WindowsUserAccountControlSettings = + | "userDefined" + | "alwaysNotify" + | "notifyOnAppChanges" + | "notifyOnAppChangesWithoutDimming" + | "neverNotify"; +export type WindowsUserType = "administrator" | "standard"; +export type WindowsVpnConnectionType = + | "pulseSecure" + | "f5EdgeClient" + | "dellSonicWallMobileConnect" + | "checkPointCapsuleVpn"; +export type WinGetAppNotification = "showAll" | "showReboot" | "hideAll" | "unknownFutureValue"; +export type WiredNetworkAuthenticationMethod = + | "certificate" + | "usernameAndPassword" + | "derivedCredential" + | "unknownFutureValue"; +export type WiredNetworkAuthenticationType = + | "none" + | "user" + | "machine" + | "machineOrUser" + | "guest" | "unknownFutureValue"; +export type WiredNetworkInterface = + | "anyEthernet" + | "firstActiveEthernet" + | "secondActiveEthernet" + | "thirdActiveEthernet" + | "firstEthernet" + | "secondEthernet" + | "thirdEthernet"; +export type WorkbookOperationStatus = "notStarted" | "running" | "succeeded" | "failed"; export type WorkforceIntegrationEncryptionProtocol = "sharedSecret" | "unknownFutureValue"; export type WorkforceIntegrationSupportedEntities = | "none" @@ -5866,6301 +6081,6631 @@ export type WorkforceIntegrationSupportedEntities = | "timeOffReason" | "timeOff" | "timeOffRequest"; -export type MailDestinationRoutingReason = - | "none" - | "mailFlowRule" - | "safeSender" - | "blockedSender" - | "advancedSpamFiltering" - | "domainAllowList" - | "domainBlockList" - | "notInAddressBook" - | "firstTimeSender" - | "autoPurgeToInbox" - | "autoPurgeToJunk" - | "autoPurgeToDeleted" - | "outbound" - | "notJunk" - | "junk" +export type WorkplaceSensorType = "occupancy" | "peopleCount" | "inferredOccupancy" | "heartbeat" | "unknownFutureValue"; +export type X509CertificateAffinityLevel = "low" | "high" | "unknownFutureValue"; +export type X509CertificateAuthenticationMode = + | "x509CertificateSingleFactor" + | "x509CertificateMultiFactor" | "unknownFutureValue"; -export type ThreatAssessmentContentType = "mail" | "url" | "file"; -export type ThreatAssessmentRequestPivotProperty = "threatCategory" | "mailDestinationRoutingReason"; -export type ThreatAssessmentRequestSource = "undefined" | "user" | "administrator"; -export type ThreatAssessmentResultType = "checkPolicy" | "rescan" | "unknownFutureValue"; -export type ThreatAssessmentStatus = "pending" | "completed"; -export type ThreatCategory = "undefined" | "spam" | "phishing" | "malware" | "unknownFutureValue"; -export type ThreatExpectedAssessment = "block" | "unblock"; -export type WellknownListName = "none" | "defaultList" | "flaggedEmails" | "unknownFutureValue"; -export type AssignmentType = "required" | "recommended" | "unknownFutureValue"; -export type CourseStatus = "notStarted" | "inProgress" | "completed" | "unknownFutureValue"; -export interface Entity { - // The unique identifier for an entity. Read-only. - id?: string; -} -export interface DirectoryObject extends Entity { - // Date and time when this object was deleted. Always null when the object hasn't been deleted. - deletedDateTime?: NullableOption; -} -export interface Application extends DirectoryObject { - // Specifies settings for an application that implements a web API. - api?: NullableOption; - /** - * The unique identifier for the application that is assigned by Microsoft Entra ID. Not nullable. Read-only. Alternate - * key. Supports $filter (eq). - */ - appId?: NullableOption; - /** - * The collection of roles defined for the application. With app role assignments, these roles can be assigned to users, - * groups, or service principals associated with other applications. Not nullable. - */ - appRoles?: AppRole[]; - /** - * The collection of authentication behaviors set for the application. Authentication behaviors are unset by default and - * must be explicitly enabled (or disabled). Returned only on $select. For more information about authentication - * behaviors, see Manage application authenticationBehaviors to avoid unverified use of email claims for user - * identification or authorization. - */ - authenticationBehaviors?: NullableOption; - // Specifies the certification status of the application. - certification?: NullableOption; - /** - * The date and time the application was registered. The DateTimeOffset type represents date and time information using - * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. - * Supports $filter (eq, ne, not, ge, le, in, and eq on null values) and $orderby. - */ - createdDateTime?: NullableOption; - /** - * The default redirect URI. If specified and there is no explicit redirect URI in the sign-in request for SAML and OIDC - * flows, Microsoft Entra ID sends the token to this redirect URI. Microsoft Entra ID also sends the token to this default - * URI in SAML IdP-initiated single sign-on. The value must match one of the configured redirect URIs for the application. - */ - defaultRedirectUri?: NullableOption; - /** - * Free text field to provide a description of the application object to end users. The maximum allowed size is 1024 - * characters. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. - */ - description?: NullableOption; - /** - * Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), - * NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons may include suspicious, abusive, or malicious - * activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). - */ - disabledByMicrosoftStatus?: NullableOption; - /** - * The display name for the application. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), - * $search, and $orderby. - */ - displayName?: NullableOption; - /** - * Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. To set this - * attribute, use one of the following string values: None, SecurityGroup (for security groups and Microsoft Entra roles), - * All (this gets all security groups, distribution groups, and Microsoft Entra directory roles that the signed-in user is - * a member of). - */ - groupMembershipClaims?: NullableOption; - /** - * Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as - * the prefix for the scopes you'll reference in your API's code, and it must be globally unique. You can use the default - * value provided, which is in the form api://<application-client-id>, or specify a more readable URI like - * https://contoso.com/api. For more information on valid identifierUris patterns and best practices, see Microsoft Entra - * application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). - */ - identifierUris?: string[]; - /** - * Basic profile information of the application, such as it's marketing, support, terms of service, and privacy statement - * URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more - * information, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports - * $filter (eq, ne, not, ge, le, and eq on null values). - */ - info?: NullableOption; - // Specifies whether this application supports device authentication without a user. The default is false. - isDeviceOnlyAuthSupported?: NullableOption; - /** - * Specifies the fallback application type as public client, such as an installed application running on a mobile device. - * The default value is false which means the fallback application type is confidential client such as a web app. There - * are certain scenarios where Microsoft Entra ID cannot determine the client application type. For example, the ROPC flow - * where the application is configured without specifying a redirect URI. In those cases Microsoft Entra ID interprets the - * application type based on the value of this property. - */ - isFallbackPublicClient?: NullableOption; - // The collection of key credentials associated with the application. Not nullable. Supports $filter (eq, not, ge, le). - keyCredentials?: KeyCredential[]; - // The main logo for the application. Not nullable. - logo?: any; - // Notes relevant for the management of the application. - notes?: NullableOption; - /** - * Application developers can configure optional claims in their Microsoft Entra applications to specify the claims that - * are sent to their application by the Microsoft security token service. For more information, see How to: Provide - * optional claims to your app. - */ - optionalClaims?: NullableOption; - // Specifies parental control settings for an application. - parentalControlSettings?: NullableOption; - // The collection of password credentials associated with the application. Not nullable. - passwordCredentials?: PasswordCredential[]; - // Specifies settings for installed clients such as desktop or mobile devices. - publicClient?: NullableOption; - // The verified publisher domain for the application. Read-only. Supports $filter (eq, ne, ge, le, startsWith). - publisherDomain?: NullableOption; - // Specifies whether this application requires Microsoft Entra ID to verify the signed authentication requests. - requestSignatureVerification?: NullableOption; - /** - * Specifies the resources that the application needs to access. This property also specifies the set of delegated - * permissions and application roles that it needs for each of those resources. This configuration of access to the - * required resources drives the consent experience. No more than 50 resource services (APIs) can be configured. Beginning - * mid-October 2021, the total number of required permissions must not exceed 400. For more information, see Limits on - * requested permissions per app. Not nullable. Supports $filter (eq, not, ge, le). - */ - requiredResourceAccess?: RequiredResourceAccess[]; - /** - * The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant - * applications. Nullable. - */ - samlMetadataUrl?: NullableOption; - // References application or service contact information from a Service or Asset Management database. Nullable. - serviceManagementReference?: NullableOption; - /** - * Specifies whether sensitive properties of a multi-tenant application should be locked for editing after the application - * is provisioned in a tenant. Nullable. null by default. - */ - servicePrincipalLockConfiguration?: NullableOption; - /** - * Specifies the Microsoft accounts that are supported for the current application. The possible values are: AzureADMyOrg, - * AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount (default), and PersonalMicrosoftAccount. See more in the table. - * The value of this object also limits the number of permissions an app can request. For more information, see Limits on - * requested permissions per app. The value for this property has implications on other app object properties. As a - * result, if you change this property, you may need to change other properties first. For more information, see - * Validation differences for signInAudience.Supports $filter (eq, ne, not). - */ - signInAudience?: NullableOption; - /** - * Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and - * access tokens. - */ - spa?: NullableOption; - /** - * Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here will also - * appear in the tags property of any associated service principals.Supports $filter (eq, not, ge, le, startsWith) and - * $search. - */ - tags?: string[]; - /** - * Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID encrypts - * all the tokens it emits by using the key this property points to. The application code that receives the encrypted - * token must use the matching private key to decrypt the token before it can be used for the signed-in user. - */ - tokenEncryptionKeyId?: NullableOption; - // The unique identifier that can be assigned to an application as an alternative identifier. Immutable. Read-only. - uniqueName?: NullableOption; - /** - * Specifies the verified publisher of the application. For more information about how publisher verification helps - * support application security, trustworthiness, and compliance, see Publisher verification. - */ - verifiedPublisher?: NullableOption; - // Specifies settings for a web application. - web?: NullableOption; - // Specifies settings for apps running Microsoft Windows and published in the Microsoft Store or Xbox games store. - windows?: NullableOption; - /** - * Represents the set of properties required for configuring Application Proxy for this application. Configuring these - * properties allows you to publish your on-premises application for secure remote access. - */ - onPremisesPublishing?: NullableOption; - // The appManagementPolicy applied to this application. - appManagementPolicies?: NullableOption; - // Supports $filter (/$count eq 0, /$count ne 0). Read-only. - createdOnBehalfOf?: NullableOption; - // Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0). - extensionProperties?: NullableOption; - // Federated identities for applications. Supports $expand and $filter (startsWith, /$count eq 0, /$count ne 0). - federatedIdentityCredentials?: NullableOption; - homeRealmDiscoveryPolicies?: NullableOption; - /** - * Directory objects that are owners of the application. Read-only. Nullable. Supports $expand, $filter (/$count eq 0, - * /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. - */ - owners?: NullableOption; - tokenIssuancePolicies?: NullableOption; - // The tokenLifetimePolicies assigned to this application. Supports $expand. - tokenLifetimePolicies?: NullableOption; - // The connectorGroup the application is using with Microsoft Entra application proxy. Nullable. - connectorGroup?: NullableOption; - // Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. - synchronization?: NullableOption; -} -export interface PolicyBase extends DirectoryObject { - // Description for this policy. Required. - description?: string; - // Display name for this policy. Required. - displayName?: string; -} -export interface AppManagementPolicy extends PolicyBase { - // Denotes whether the policy is enabled. - isEnabled?: boolean; - // Restrictions that apply to an application or service principal object. - restrictions?: NullableOption; - // Collection of application and service principals to which a policy is applied. - appliesTo?: NullableOption; -} -export interface ExtensionProperty extends DirectoryObject { - // Display name of the application object on which this extension property is defined. Read-only. - appDisplayName?: NullableOption; - /** - * Specifies the data type of the value the extension property can hold. Following values are supported. Not nullable. - * Binary - 256 bytes maximumBooleanDateTime - Must be specified in ISO 8601 format. Will be stored in UTC.Integer - - * 32-bit value.LargeInteger - 64-bit value.String - 256 characters maximum - */ - dataType?: string; - /** - * Defines the directory extension as a multi-valued property. When true, the directory extension property can store a - * collection of objects of the dataType; for example, a collection of integers. The default value is false. - */ - isMultiValued?: boolean; - /** - * Indicates if this extension property was synced from on-premises active directory using Microsoft Entra Connect. - * Read-only. - */ - isSyncedFromOnPremises?: NullableOption; - // Name of the extension property. Not nullable. Supports $filter (eq). - name?: string; - // Following values are supported. Not nullable. UserGroupAdministrativeUnitApplicationDeviceOrganization - targetObjects?: string[]; -} -export interface FederatedIdentityCredential extends Entity { - /** - * The audience that can appear in the external token. This field is mandatory and should be set to - * api://AzureADTokenExchange for Microsoft Entra ID. It says what Microsoft identity platform should accept in the aud - * claim in the incoming token. This value represents Microsoft Entra ID in your external identity provider and has no - * fixed value across identity providers - you may need to create a new application registration in your identity provider - * to serve as the audience of this token. This field can only accept a single value and has a limit of 600 characters. - * Required. - */ - audiences?: string[]; - /** - * The un-validated, user-provided description of the federated identity credential. It has a limit of 600 characters. - * Optional. - */ - description?: NullableOption; - /** - * The URL of the external identity provider and must match the issuer claim of the external token being exchanged. The - * combination of the values of issuer and subject must be unique on the app. It has a limit of 600 characters. Required. - */ - issuer?: string; - /** - * is the unique identifier for the federated identity credential, which has a limit of 120 characters and must be URL - * friendly. It is immutable once created. Required. Not nullable. Supports $filter (eq). - */ - name?: string; - /** - * Required. The identifier of the external software workload within the external identity provider. Like the audience - * value, it has no fixed format, as each identity provider uses their own - sometimes a GUID, sometimes a colon delimited - * identifier, sometimes arbitrary strings. The value here must match the sub claim within the token presented to - * Microsoft Entra ID. The combination of issuer and subject must be unique on the app. It has a limit of 600 characters. - * Supports $filter (eq). - */ - subject?: string; -} -export interface StsPolicy extends PolicyBase { - /** - * A string collection containing a JSON string that defines the rules and settings for a policy. The syntax for the - * definition differs for each derived policy type. Required. - */ - definition?: string[]; - /** - * If set to true, activates this policy. There can be many policies for the same policy type, but only one can be - * activated as the organization default. Optional, default value is false. - */ - isOrganizationDefault?: NullableOption; - appliesTo?: NullableOption; -} -// tslint:disable-next-line: no-empty-interface -export interface HomeRealmDiscoveryPolicy extends StsPolicy {} -// tslint:disable-next-line: no-empty-interface -export interface TokenIssuancePolicy extends StsPolicy {} -// tslint:disable-next-line: no-empty-interface -export interface TokenLifetimePolicy extends StsPolicy {} -export interface ConnectorGroup extends Entity { - // Indicates the type of hybrid agent. This pre-set by the system. Possible values are: applicationProxy. Read-only. - connectorGroupType?: ConnectorGroupType; - /** - * Indicates if the connectorGroup is the default connectorGroup. Only a single connector group can be the default - * connectorGroup and this is pre-set by the system. Read-only. - */ - isDefault?: boolean; - // The name associated with the connectorGroup. - name?: string; - /** - * The region the connectorGroup is assigned to and will optimize traffic for. This region can only be set if no - * connectors or applications are assigned to the connectorGroup. The possible values are: nam (for North America), eur - * (for Europe), aus (for Australia), asia (for Asia), ind (for India), and unknownFutureValue. - */ - region?: NullableOption; - applications?: NullableOption; - members?: NullableOption; -} -export interface Synchronization extends Entity { - // Represents a collection of credentials to access provisioned cloud applications. - secrets?: NullableOption; - /** - * Performs synchronization by periodically running in the background, polling for changes in one directory, and pushing - * them to another directory. - */ - jobs?: NullableOption; - // Pre-configured synchronization settings for a particular application. - templates?: NullableOption; -} -export interface CustomCalloutExtension extends Entity { - // Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. - authenticationConfiguration?: NullableOption; - /** - * HTTP connection settings that define how long Microsoft Entra ID can wait for a connection to a logic app, how many - * times you can retry a timed-out connection and the exception scenarios when retries are allowed. - */ - clientConfiguration?: NullableOption; - // Description for the customCalloutExtension object. - description?: NullableOption; - // Display name for the customCalloutExtension object. - displayName?: NullableOption; - // The type and details for configuring the endpoint to call the logic app's workflow. - endpointConfiguration?: NullableOption; -} -export interface DeletedItemContainer extends Entity { - // Deleted workflows that end up in the deletedItemsContainer. - workflows?: NullableOption; -} -export interface Group extends DirectoryObject { - /** - * The list of sensitivity label pairs (label ID, label name) associated with a Microsoft 365 group. Returned only on - * $select. - */ - assignedLabels?: NullableOption; - // The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. - assignedLicenses?: NullableOption; - /** - * Describes a classification for the group (such as low, medium or high business impact). Valid values for this property - * are defined by creating a ClassificationList setting value, based on the template definition.Returned by default. - * Supports $filter (eq, ne, not, ge, le, startsWith). - */ - classification?: NullableOption; - /** - * App ID of the app used to create the group. Can be null for some groups. Returned by default. Read-only. Supports - * $filter (eq, ne, not, in, startsWith). - */ - createdByAppId?: NullableOption; - /** - * Timestamp of when the group was created. The value can't be modified and is automatically populated when the group is - * created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For - * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Read-only. - */ - createdDateTime?: NullableOption; - /** - * An optional description for the group. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and - * $search. - */ - description?: NullableOption; - /** - * The display name for the group. Required. Maximum length is 256 characters. Returned by default. Supports $filter (eq, - * ne, not, ge, le, in, startsWith, and eq on null values), $search, and $orderby. - */ - displayName?: NullableOption; - /** - * Timestamp of when the group is set to expire. It is null for security groups, but for Microsoft 365 groups, it - * represents when the group is set to expire as defined in the groupLifecyclePolicy. The Timestamp type represents date - * and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is - * 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, le, in). Read-only. - */ - expirationDateTime?: NullableOption; - /** - * Specifies the group type and its membership. If the collection contains Unified, the group is a Microsoft 365 group; - * otherwise, it's either a security group or a distribution group. For details, see groups overview.If the collection - * includes DynamicMembership, the group has dynamic membership; otherwise, membership is static. Returned by default. - * Supports $filter (eq, not). - */ - groupTypes?: string[]; - /** - * Indicates whether there are members in this group that have license errors from its group-based license assignment. - * This property is never returned on a GET operation. You can use it as a $filter argument to get groups that have - * members with license errors (that is, filter for this property being true). Supports $filter (eq). - */ - hasMembersWithLicenseErrors?: NullableOption; - /** - * Identifies the info segments assigned to the group. Returned by default. Supports $filter (eq, not, ge, le, - * startsWith). - */ - infoCatalogs?: string[]; - /** - * Indicates whether this group can be assigned to a Microsoft Entra role. Optional. This property can only be set while - * creating the group and is immutable. If set to true, the securityEnabled property must also be set to true, visibility - * must be Hidden, and the group cannot be a dynamic group (that is, groupTypes can't contain DynamicMembership). Only - * callers in Global Administrator and Privileged Role Administrator roles can set this property. The caller must also be - * assigned the RoleManagement.ReadWrite.Directory permission to set this property or update the membership of such - * groups. For more, see Using a group to manage Microsoft Entra role assignmentsUsing this feature requires a Microsoft - * Entra ID P1 license. Returned by default. Supports $filter (eq, ne, not). - */ - isAssignableToRole?: NullableOption; - /** - * Indicates whether the group is a member of a restricted management administrative unit, in which case it requires a - * role scoped to the restricted administrative unit to manage. The default value is false. Read-only. To manage a group - * member of a restricted administrative unit, the calling app must be assigned the Directory.Write.Restricted permission. - * For delegated scenarios, the administrators must also be explicitly assigned supported roles at the restricted - * administrative unit scope. - */ - isManagementRestricted?: NullableOption; - /** - * Indicates the status of the group license assignment to all group members. Possible values: QueuedForProcessing, - * ProcessingInProgress, and ProcessingComplete. Returned only on $select. Read-only. - */ - licenseProcessingState?: NullableOption; - /** - * The SMTP address for the group, for example, 'serviceadmins@contoso.onmicrosoft.com'. Returned by default. Read-only. - * Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). - */ - mail?: NullableOption; - /** - * Specifies whether the group is mail-enabled. Required. Returned by default. Supports $filter (eq, ne, not, and eq on - * null values). - */ - mailEnabled?: NullableOption; - /** - * The mail alias for the group, unique for Microsoft 365 groups in the organization. Maximum length is 64 characters. - * This property can contain only characters in the ASCII character set 0 - 127 except the following: @ () / [] ' ; : - * <> , SPACE. Returned by default. Supports $filter (eq, ne, not, ge, le, in, startsWith). - */ - mailNickname?: NullableOption; - /** - * The rule that determines members for this group if the group is a dynamic group (groupTypes contains - * DynamicMembership). For more information about the syntax of the membership rule, see Membership Rules syntax. Returned - * by default. Supports $filter (eq, ne, not, ge, le, startsWith). - */ - membershipRule?: NullableOption; - /** - * Indicates whether the dynamic membership processing is on or paused. Possible values are On or Paused. Returned by - * default. Supports $filter (eq, ne, not, in). - */ - membershipRuleProcessingState?: NullableOption; - /** - * Contains the on-premises domain FQDN, also called dnsDomainName synchronized from the on-premises directory. The - * property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft - * Entra Connect.Returned by default. Read-only. - */ - onPremisesDomainName?: NullableOption; - /** - * Indicates the last time at which the group was synced with the on-premises directory.The Timestamp type represents date - * and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is - * 2014-01-01T00:00:00Z. Returned by default. Read-only. Supports $filter (eq, ne, not, ge, le, in). - */ - onPremisesLastSyncDateTime?: NullableOption; - /** - * Contains the on-premises netBios name synchronized from the on-premises directory. The property is only populated for - * customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by - * default. Read-only. - */ - onPremisesNetBiosName?: NullableOption; - /** - * Errors when using Microsoft synchronization product during provisioning. Returned by default. Supports $filter (eq, - * not). - */ - onPremisesProvisioningErrors?: NullableOption; - /** - * Contains the on-premises SAM account name synchronized from the on-premises directory. The property is only populated - * for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect.Returned by - * default. Supports $filter (eq, ne, not, ge, le, in, startsWith). Read-only. - */ - onPremisesSamAccountName?: NullableOption; +export type X509CertificateIssuerHintsState = "disabled" | "enabled" | "unknownFutureValue"; +export type X509CertificateRuleType = "issuerSubject" | "policyOID" | "unknownFutureValue" | "issuerSubjectAndPolicyOID"; +export type ZebraFotaConnectorState = "none" | "connected" | "disconnected" | "unknownFutureValue"; +export type ZebraFotaDeploymentState = + | "pendingCreation" + | "createFailed" + | "created" + | "inProgress" + | "completed" + | "pendingCancel" + | "canceled" + | "unknownFutureValue"; +export type ZebraFotaErrorCode = + | "success" + | "noDevicesFoundInSelectedAadGroups" + | "noIntuneDevicesFoundInSelectedAadGroups" + | "noZebraFotaEnrolledDevicesFoundForCurrentTenant" + | "noZebraFotaEnrolledDevicesFoundInSelectedAadGroups" + | "noZebraFotaDevicesFoundForSelectedDeviceModel" + | "zebraFotaCreateDeploymentRequestFailure" + | "unknownFutureValue"; +export type ZebraFotaNetworkType = "any" | "wifi" | "cellular" | "wifiAndCellular" | "unknownFutureValue"; +export type ZebraFotaScheduleMode = "installNow" | "scheduled" | "unknownFutureValue"; +export type ZebraFotaUpdateType = "custom" | "latest" | "auto" | "unknownFutureValue"; +export interface AadUserConversationMember extends ConversationMember { + // The email address of the user. + email?: NullableOption; + // TenantId which the Microsoft Entra user belongs to. + tenantId?: NullableOption; + // The GUID of the user. + userId?: NullableOption; + user?: NullableOption; +} +export interface AccessPackage extends Entity { + // Identifier of the access package catalog referencing this access package. Read-only. + catalogId?: NullableOption; + // The userPrincipalName of the user or identity of the subject who created this resource. Read-only. + createdBy?: NullableOption; /** - * Contains the on-premises security identifier (SID) for the group synchronized from on-premises to the cloud. Returned - * by default. Supports $filter (eq including on null values). Read-only. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - onPremisesSecurityIdentifier?: NullableOption; + createdDateTime?: NullableOption; + // The description of the access package. + description?: NullableOption; + // The display name of the access package. Supports $filter (eq, contains). + displayName?: NullableOption; + // Whether the access package is hidden from the requestor. + isHidden?: NullableOption; + // Indicates whether role scopes are visible. + isRoleScopesVisible?: NullableOption; + // The userPrincipalName of the user who last modified this resource. Read-only. + modifiedBy?: NullableOption; /** - * true if this group is synced from an on-premises directory; false if this group was originally synced from an - * on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory - * (default). Returned by default. Read-only. Supports $filter (eq, ne, not, in, and eq on null values). + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - onPremisesSyncEnabled?: NullableOption; - organizationId?: NullableOption; + modifiedDateTime?: NullableOption; + // Read-only. Nullable. Supports $expand. + accessPackageAssignmentPolicies?: NullableOption; + accessPackageCatalog?: NullableOption; + accessPackageResourceRoleScopes?: NullableOption; + // The access packages that are incompatible with this package. Read-only. + accessPackagesIncompatibleWith?: NullableOption; + // The access packages whose assigned users are ineligible to be assigned this access package. + incompatibleAccessPackages?: NullableOption; + // The groups whose members are ineligible to be assigned this access package. + incompatibleGroups?: NullableOption; +} +export interface AccessPackageAssignment extends Entity { + // The identifier of the access package. Read-only. + accessPackageId?: NullableOption; + // The identifier of the access package assignment policy. Read-only. + assignmentPolicyId?: NullableOption; /** - * The preferred data location for the Microsoft 365 group. By default, the group inherits the group creator's preferred - * data location. To set this property, the calling app must be granted the Directory.ReadWrite.All permission and the - * user be assigned one of the following Microsoft Entra roles: Global Administrator User Account Administrator Directory - * Writer Exchange Administrator SharePoint Administrator For more information about this property, see OneDrive Online - * Multi-Geo and Create a Microsoft 365 group with a specific PDL. Nullable. Returned by default. + * The state of the access package assignment. Possible values are Delivering, Delivered, or Expired. Read-only. Supports + * $filter (eq). */ - preferredDataLocation?: NullableOption; + assignmentState?: NullableOption; /** - * The preferred language for a Microsoft 365 group. Should follow ISO 639-1 Code; for example, en-US. Returned by - * default. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). + * More information about the assignment lifecycle. Possible values include Delivering, Delivered, + * NearExpiry1DayNotificationTriggered, or ExpiredNotificationTriggered. Read-only. */ - preferredLanguage?: NullableOption; + assignmentStatus?: NullableOption; + // The identifier of the catalog containing the access package. Read-only. + catalogId?: NullableOption; + // Information about all the custom extension calls that were made during the access package assignment workflow. + customExtensionCalloutInstances?: NullableOption; /** - * Email addresses for the group that direct to the same group mailbox. For example: ['SMTP: bob@contoso.com', 'smtp: - * bob@sales.contoso.com']. The any operator is required for filter expressions on multi-valued properties. Returned by - * default. Read-only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - proxyAddresses?: string[]; + expiredDateTime?: NullableOption; + // Indicates whether the access package assignment is extended. Read-only. + isExtended?: NullableOption; + // When the access assignment is to be in place. Read-only. + schedule?: NullableOption; + // The ID of the subject with the assignment. Read-only. + targetId?: NullableOption; + // Read-only. Nullable. Supports $filter (eq) on the id property and $expand query parameters. + accessPackage?: NullableOption; + // Read-only. Nullable. Supports $filter (eq) on the id property + accessPackageAssignmentPolicy?: NullableOption; + accessPackageAssignmentRequests?: NullableOption; + // The resource roles delivered to the target user for this assignment. Read-only. Nullable. + accessPackageAssignmentResourceRoles?: NullableOption; + // The subject of the access package assignment. Read-only. Nullable. Supports $expand. Supports $filter (eq) on objectId. + target?: NullableOption; +} +export interface AccessPackageAssignmentPolicy extends Entity { + // Identifier of the access package. + accessPackageId?: NullableOption; /** - * Timestamp of when the group was last renewed. This cannot be modified directly and is only updated via the renew - * service action. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC. For - * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. Supports $filter (eq, ne, not, ge, - * le, in). Read-only. + * Who must review, and how often, the assignments to the access package from this policy. This property is null if + * reviews aren't required. */ - renewedDateTime?: NullableOption; + accessReviewSettings?: NullableOption; + // Indicates whether a user can extend the access package assignment duration after approval. + canExtend?: NullableOption; + createdBy?: NullableOption; /** - * Specifies the group behaviors that can be set for a Microsoft 365 group during creation. This can be set only as part - * of creation (POST). Possible values are AllowOnlyMembersToPost, HideGroupInOutlook, SubscribeNewGroupMembers, - * WelcomeEmailDisabled. For more information, see Set Microsoft 365 group behaviors and provisioning options. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - resourceBehaviorOptions?: string[]; + createdDateTime?: NullableOption; + // The description of the policy. + description?: NullableOption; + // The display name of the policy. Supports $filter (eq). + displayName?: NullableOption; + // The number of days in which assignments from this policy last until they're expired. + durationInDays?: NullableOption; /** - * Specifies the group resources that are provisioned as part of Microsoft 365 group creation that isn't normally part of - * default group creation. The possible value is Team. For more information, see Set Microsoft 365 group behaviors and - * provisioning options. Returned by default. Supports $filter (eq, not, startsWith. + * The expiration date for assignments created in this policy. The Timestamp type represents date and time information + * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - resourceProvisioningOptions?: string[]; - // Specifies whether the group is a security group. Required.Returned by default. Supports $filter (eq, ne, not, in). - securityEnabled?: NullableOption; - // Security identifier of the group, used in Windows scenarios. Returned by default. - securityIdentifier?: NullableOption; + expirationDateTime?: NullableOption; + modifiedBy?: NullableOption; /** - * Errors published by a federated service describing a non-transient, service-specific error regarding the properties or - * link from a group object. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - serviceProvisioningErrors?: NullableOption; + modifiedDateTime?: NullableOption; + // Questions that are posed to the requestor. + questions?: NullableOption; + // Who must approve requests for access package in this policy. + requestApprovalSettings?: NullableOption; + // Who can request this access package from this policy. + requestorSettings?: NullableOption; /** - * Specifies a Microsoft 365 group's color theme. Possible values are Teal, Purple, Green, Blue, Pink, Orange or Red. - * Returned by default. + * Settings for verifiable credentials set up through the Microsoft Entra Verified I D service. These settings represent + * the verifiable credentials that a requestor of an access package in this policy can present to be assigned the access + * package. */ - theme?: NullableOption; - uniqueName?: NullableOption; + verifiableCredentialSettings?: NullableOption; + // The access package with this policy. Read-only. Nullable. Supports $expand. + accessPackage?: NullableOption; + accessPackageCatalog?: NullableOption; + // The collection of stages when to execute one or more custom access package workflow extensions. Supports $expand. + customExtensionHandlers?: NullableOption; + // The collection of stages when to execute one or more custom access package workflow extensions. Supports $expand. + customExtensionStageSettings?: NullableOption; +} +export interface AccessPackageAssignmentRequest extends Entity { + // Answers provided by the requestor to accessPackageQuestions asked of them at the time of request. + answers?: NullableOption; /** - * Specifies the group join policy and group content visibility for groups. Possible values are: Private, Public, or - * HiddenMembership. HiddenMembership can be set only for Microsoft 365 groups when the groups are created. It can't be - * updated later. Other values of visibility can be updated after group creation. If visibility value isn't specified - * during group creation on Microsoft Graph, a security group is created as Private by default, and Microsoft 365 group is - * Public. Groups assignable to roles are always Private. To learn more, see group visibility options. Returned by - * default. Nullable. + * The date of the end of processing, either successful or failure, of a request. The Timestamp type represents date and + * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z. Read-only. */ - visibility?: NullableOption; + completedDate?: NullableOption; /** - * Specifies whether or not a group is configured to write back group object properties to on-premises Active Directory. - * These properties are used when group writeback is configured in the Microsoft Entra Connect sync client. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - writebackConfiguration?: NullableOption; - accessType?: NullableOption; + createdDateTime?: NullableOption; + // Information about all the custom extension calls that were made during the access package assignment request workflow. + customExtensionCalloutInstances?: NullableOption; + // A collection of custom workflow extension instances being run on an assignment request. Read-only. + customExtensionHandlerInstances?: NullableOption; + expirationDateTime?: NullableOption; + // True if the request is not to be processed for assignment. + isValidationOnly?: NullableOption; + // The requestor's supplied justification. + justification?: NullableOption; /** - * Indicates if people external to the organization can send messages to the group. The default value is false. Returned - * only on $select. Supported only on the Get group API (GET /groups/{ID}). + * One of PendingApproval, Canceled, Denied, Delivering, Delivered, PartiallyDelivered, DeliveryFailed, Submitted or + * Scheduled. Read-only. */ - allowExternalSenders?: NullableOption; + requestState?: NullableOption; + // More information on the request processing status. Read-only. + requestStatus?: NullableOption; /** - * Indicates if new members added to the group are auto-subscribed to receive email notifications. You can set this - * property in a PATCH request for the group; don't set it in the initial POST request that creates the group. Default - * value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). + * One of UserAdd, UserExtend, UserUpdate, UserRemove, AdminAdd, AdminRemove or SystemRemove. A request from the user + * themselves would have requestType of UserAdd, UserUpdate or UserRemove. Read-only. */ - autoSubscribeNewMembers?: NullableOption; + requestType?: NullableOption; + // The range of dates that access is to be assigned to the requestor. Read-only. + schedule?: NullableOption; + // The details of the verifiable credential that was presented by the requestor, such as the issuer and claims. Read-only. + verifiedCredentialsData?: NullableOption; /** - * true if the group isn't displayed in certain parts of the Outlook user interface: in the Address Book, in address lists - * for selecting message recipients, and in the Browse Groups dialog for searching groups; false otherwise. The default - * value is false. Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). + * The access package associated with the accessPackageAssignmentRequest. An access package defines the collections of + * resource roles and the policies for how one or more users can get access to those resources. Read-only. Nullable. + * Supports $expand. */ - hideFromAddressLists?: NullableOption; + accessPackage?: NullableOption; /** - * true if the group isn't displayed in Outlook clients, such as Outlook for Windows and Outlook on the web, false - * otherwise. The default value is false. Returned only on $select. Supported only on the Get group API (GET - * /groups/{ID}). + * For a requestType of UserAdd or AdminAdd, this is an access package assignment requested to be created. For a + * requestType of UserRemove, AdminRemove or SystemRemove, this has the id property of an existing assignment to be + * removed. Supports $expand. */ - hideFromOutlookClients?: NullableOption; - isFavorite?: NullableOption; + accessPackageAssignment?: NullableOption; + // The subject who requested or, if a direct assignment, was assigned. Read-only. Nullable. Supports $expand. + requestor?: NullableOption; +} +export interface AccessPackageAssignmentRequestWorkflowExtension extends CustomCalloutExtension { + // The callback configuration for a custom extension. + callbackConfiguration?: NullableOption; + // The userPrincipalName of the user or identity of the subject that created this resource. Read-only. + createdBy?: NullableOption; + // When the object was created. + createdDateTime?: NullableOption; + // The userPrincipalName of the identity that last modified the object. + lastModifiedBy?: NullableOption; + // When the object was last modified. + lastModifiedDateTime?: NullableOption; +} +export interface AccessPackageAssignmentResourceRole extends Entity { /** - * Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned - * only on $select. Supported only on the Get group API (GET /groups/{ID}). + * A unique identifier relative to the origin system, corresponding to the originId property of the + * accessPackageResourceRole. */ - isSubscribedByMail?: NullableOption; + originId?: NullableOption; /** - * Count of conversations delivered one or more new posts since the signed-in user's last visit to the group. This - * property is the same as unseenCount. Returned only on $select. + * The system where the role assignment is to be created or has been created for an access package assignment, such as + * SharePointOnline, AadGroup or AadApplication, corresponding to the originSystem property of the + * accessPackageResourceRole. */ - unseenConversationsCount?: NullableOption; + originSystem?: NullableOption; /** - * Count of conversations that have received new posts since the signed-in user last visited the group. This property is - * the same as unseenConversationsCount.Returned only on $select. Supported only on the Get group API (GET /groups/{ID}). + * The value is PendingFulfillment when the access package assignment hasn't yet been delivered to the origin system, and + * Fulfilled when the access package assignment has been delivered to the origin system. */ - unseenCount?: NullableOption; + status?: NullableOption; + // The access package assignments resulting in this role assignment. Read-only. Nullable. + accessPackageAssignments?: NullableOption; + accessPackageResourceRole?: NullableOption; + accessPackageResourceScope?: NullableOption; + // Read-only. Nullable. Supports $filter (eq) on objectId and $expand query parameters. + accessPackageSubject?: NullableOption; +} +export interface AccessPackageAssignmentWorkflowExtension extends CustomCalloutExtension { + // The callback configuration for a custom extension. + callbackConfiguration?: NullableOption; + // The userPrincipalName of the user or identity of the subject that created this resource. Read-only. + createdBy?: NullableOption; + // When the entity was created. + createdDateTime?: NullableOption; + // The userPrincipalName of the identity that last modified the entity. + lastModifiedBy?: NullableOption; + // When the entity was last modified. + lastModifiedDateTime?: NullableOption; +} +export interface AccessPackageCatalog extends Entity { + // Has the value Published if the access packages are available for management. + catalogStatus?: NullableOption; + // One of UserManaged or ServiceDefault. + catalogType?: NullableOption; + // UPN of the user who created this resource. Read-only. + createdBy?: NullableOption; /** - * Count of new posts that have been delivered to the group's conversations since the signed-in user's last visit to the - * group. Returned only on $select. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - unseenMessagesCount?: NullableOption; + createdDateTime?: NullableOption; + // The description of the access package catalog. + description?: NullableOption; + // The display name of the access package catalog. Supports $filter (eq, contains). + displayName?: NullableOption; + // Whether the access packages in this catalog can be requested by users outside of the tenant. + isExternallyVisible?: NullableOption; + // The UPN of the user who last modified this resource. Read-only. + modifiedBy?: NullableOption; /** - * Describes the processing status for rules-based dynamic groups. The property is null for non-rule-based dynamic groups - * or if the dynamic group processing has been paused. Returned only on $select. Supported only on the Get group API (GET - * /groups/{ID}). Read-only. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - membershipRuleProcessingStatus?: NullableOption; + modifiedDateTime?: NullableOption; + // The attributes of a logic app, which can be called at various stages of an access package request and assignment cycle. + accessPackageCustomWorkflowExtensions?: NullableOption; + // The roles in each resource in a catalog. Read-only. + accessPackageResourceRoles?: NullableOption; + accessPackageResources?: NullableOption; + accessPackageResourceScopes?: NullableOption; + // The access packages in this catalog. Read-only. Nullable. Supports $expand. + accessPackages?: NullableOption; + customAccessPackageWorkflowExtensions?: NullableOption; +} +export interface AccessPackageResource extends Entity { + // The name of the user or application that first added this resource. Read-only. + addedBy?: NullableOption; /** - * When a group is associated with a team, this property determines whether the team is in read-only mode. To read this - * property, use the /group/{groupId}/team endpoint or the Get team API. To update this property, use the archiveTeam and - * unarchiveTeam APIs. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - isArchived?: NullableOption; - // Represents the app roles a group has been granted for an application. Supports $expand. - appRoleAssignments?: NullableOption; - // The user (or application) that created the group. Note: This isn't set if the user is an administrator. Read-only. - createdOnBehalfOf?: NullableOption; - // Endpoints for the group. Read-only. Nullable. - endpoints?: NullableOption; + addedOn?: NullableOption; + // Contains information about the attributes to be collected from the requestor and sent to the resource application. + attributes?: NullableOption; + // A description for the resource. + description?: NullableOption; + // The display name of the resource, such as the application name, group name, or site name. + displayName?: NullableOption; + // True if the resource is not yet available for assignment. Read-only. + isPendingOnboarding?: NullableOption; /** - * Groups and administrative units that this group is a member of. HTTP Methods: GET (supported for all groups). - * Read-only. Nullable. Supports $expand. + * The unique identifier of the resource in the origin system. In the case of a Microsoft Entra group, originId is the + * identifier of the group. Supports $filter (eq). */ - memberOf?: NullableOption; + originId?: NullableOption; /** - * Direct group members, who can be users, devices, other groups, or service principals. Supports the List members, Add - * member, and Remove member operations. Nullable. Supports $expand including nested $select. For example, - * /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=members($select=id,userPrincipalName,displayName). + * The type of the resource in the origin system, such as SharePointOnline, AadApplication, or AadGroup. Supports $filter + * (eq). */ - members?: NullableOption; - // A list of group members with license errors from this group-based license assignment. Read-only. - membersWithLicenseErrors?: NullableOption; + originSystem?: NullableOption; /** - * The owners of the group who can be users or service principals. Nullable. If this property isn't specified when - * creating a Microsoft 365 group, the calling user is automatically assigned as the group owner. Supports $filter - * (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1); Supports $expand including nested $select. For example, - * /groups?$filter=startsWith(displayName,'Role')&$select=id,displayName&$expand=owners($select=id,userPrincipalName,displayName). + * The type of the resource, such as Application if it is a Microsoft Entra connected application, or SharePoint Online + * Site for a SharePoint Online site. */ - owners?: NullableOption; - // The permissions granted for a group to a specific application. Supports $expand. - permissionGrants?: NullableOption; - // Settings that can govern this group's behavior, like whether members can invite guest users to the group. Nullable. - settings?: NullableOption; - // The groups a group is a member of, either directly or through nested membership. Nullable. - transitiveMemberOf?: NullableOption; - // The direct and transitive members of a group. Nullable. - transitiveMembers?: NullableOption; + resourceType?: NullableOption; + // A unique resource locator for the resource, such as the URL for signing a user into an application. + url?: NullableOption; /** - * The list of users or groups allowed to create posts or calendar events in this group. If this list is non-empty, then - * only users or groups listed here can post. + * Contains the environment information for the resource. This environment can be set using either the @odata.bind + * annotation or the environment's originId. Supports $expand. */ - acceptedSenders?: NullableOption; - // The group's calendar. Read-only. - calendar?: NullableOption; - // The calendar view for the calendar. Read-only. - calendarView?: NullableOption; - // The group's conversations. - conversations?: NullableOption; - // The group's events. - events?: NullableOption; - // The list of users or groups not allowed to create posts or calendar events in this group. Nullable - rejectedSenders?: NullableOption; - // The group's conversation threads. Nullable. - threads?: NullableOption; - // The group's default drive. Read-only. - drive?: NullableOption; - // The group's drives. Read-only. - drives?: NullableOption; - // The list of SharePoint sites in this group. Access the default site with /sites/root. - sites?: NullableOption; - // The collection of open extensions defined for the group. Read-only. Nullable. - extensions?: NullableOption; - // The collection of lifecycle policies for this group. Read-only. Nullable. - groupLifecyclePolicies?: NullableOption; - // Selective Planner services available to the group. Read-only. Nullable. - planner?: NullableOption; - onenote?: NullableOption; - // The group's profile photo. - photo?: NullableOption; - // The profile photos owned by the group. Read-only. Nullable. - photos?: NullableOption; - // The team associated with this group. - team?: NullableOption; + accessPackageResourceEnvironment?: NullableOption; + // Read-only. Nullable. Supports $expand. + accessPackageResourceRoles?: NullableOption; + // Read-only. Nullable. Supports $expand. + accessPackageResourceScopes?: NullableOption; } -export interface AppRoleAssignment extends Entity { - /** - * The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles - * property on the resource application's service principal (resourceId). If the resource application has not declared any - * app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal - * is assigned to the resource app without any specific app roles. Required on create. - */ - appRoleId?: string; +export interface AccessPackageResourceEnvironment extends Entity { + // Connection information of an environment used to connect to a resource. + connectionInfo?: NullableOption; + // The display name of the user that created this object. + createdBy?: NullableOption; /** - * The time when the app role assignment was created. The Timestamp type represents date and time information using ISO - * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + * The date and time that this object was created. The DateTimeOffset type represents date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - creationTimestamp?: NullableOption; + createdDateTime?: NullableOption; + // The description of this object. + description?: NullableOption; + // The display name of this object. + displayName?: NullableOption; /** - * The display name of the user, group, or service principal that was granted the app role assignment. Read-only. Supports - * $filter (eq and startswith). + * Determines whether this is default environment or not. It is set to true for all static origin systems, such as + * Microsoft Entra groups and Microsoft Entra Applications. */ - principalDisplayName?: NullableOption; + isDefaultEnvironment?: NullableOption; + // The display name of the entity that last modified this object. + modifiedBy?: NullableOption; /** - * The unique identifier (id) for the user, security group, or service principal being granted the app role. Security - * groups with dynamic memberships are supported. Required on create. + * The date and time that this object was last modified. The DateTimeOffset type represents date and time information + * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - principalId?: NullableOption; - // The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only. - principalType?: NullableOption; - // The display name of the resource app's service principal to which the assignment is made. - resourceDisplayName?: NullableOption; + modifiedDateTime?: NullableOption; + // The unique identifier of this environment in the origin system. + originId?: string; + // The type of the resource in the origin system, that is, SharePointOnline. Requires $filter (eq). + originSystem?: string; + // Read-only. Required. + accessPackageResources?: NullableOption; +} +export interface AccessPackageResourceRequest extends Entity { + // The unique ID of the access package catalog. + catalogId?: NullableOption; + executeImmediately?: NullableOption; /** - * The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. - * Supports $filter (eq only). + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - resourceId?: NullableOption; -} -export interface Endpoint extends DirectoryObject { + expirationDateTime?: NullableOption; + // If set, does not add the resource. + isValidationOnly?: NullableOption; + // The requestor's justification for adding or removing the resource. + justification?: NullableOption; /** - * Describes the capability that is associated with this resource. (for example, Messages, Conversations, etc.) Not - * nullable. Read-only. + * The outcome of whether the service was able to add the resource to the catalog. The value is Delivered if the resource + * was added or removed. Read-Only. */ - capability?: string; - // Application id of the publishing underlying service. Not nullable. Read-only. - providerId?: NullableOption; - // Name of the publishing underlying service. Read-only. - providerName?: NullableOption; + requestState?: NullableOption; + requestStatus?: NullableOption; /** - * For Microsoft 365 groups, this is set to a well-known name for the resource (for example, Yammer.FeedURL etc.). Not - * nullable. Read-only. + * Use AdminAdd to add a resource, if the caller is an administrator or resource owner, AdminUpdate to update a resource, + * or AdminRemove to remove a resource. */ - providerResourceId?: NullableOption; - // URL of the published resource. Not nullable. Read-only. - uri?: string; -} -export interface ResourceSpecificPermissionGrant extends DirectoryObject { - // ID of the service principal of the Microsoft Entra app that has been granted access. Read-only. - clientAppId?: NullableOption; - // ID of the Microsoft Entra app that has been granted access. Read-only. - clientId?: NullableOption; - // The name of the resource-specific permission. Read-only. - permission?: NullableOption; - // The type of permission. Possible values are: Application, Delegated. Read-only. - permissionType?: NullableOption; - // ID of the Microsoft Entra app that is hosting the resource. Read-only. - resourceAppId?: NullableOption; + requestType?: NullableOption; + accessPackageResource?: NullableOption; + // Read-only. Nullable. Supports $expand. + requestor?: NullableOption; } -export interface DirectorySetting extends Entity { - // Display name of this group of settings, which comes from the associated template. Read-only. +export interface AccessPackageResourceRole extends Entity { + // A description for the resource role. + description?: NullableOption; + // The display name of the resource role such as the role defined by the application. displayName?: NullableOption; - // Unique identifier for the template used to create this group of settings. Read-only. - templateId?: NullableOption; /** - * Collection of name-value pairs corresponding to the name and defaultValue properties in the referenced - * directorySettingTemplates object. + * The unique identifier of the resource role in the origin system. For a SharePoint Online site, the originId will be the + * sequence number of the role in the site. */ - values?: SettingValue[]; + originId?: NullableOption; + // The type of the resource in the origin system, such as SharePointOnline, AadApplication or AadGroup. + originSystem?: NullableOption; + accessPackageResource?: NullableOption; } -export interface Calendar extends Entity { +export interface AccessPackageResourceRoleScope extends Entity { + createdBy?: NullableOption; /** - * Represent the online meeting service providers that can be used to create online meetings in this calendar. Possible - * values are: unknown, skypeForBusiness, skypeForConsumer, teamsForBusiness. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - allowedOnlineMeetingProviders?: NullableOption; + createdDateTime?: NullableOption; + modifiedBy?: NullableOption; /** - * The calendarGroup in which to create the calendar. If the user has never explicitly set a group for the calendar, this - * property is null. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - calendarGroupId?: NullableOption; + modifiedDateTime?: NullableOption; + // Read-only. Nullable. Supports $expand. + accessPackageResourceRole?: NullableOption; + accessPackageResourceScope?: NullableOption; +} +export interface AccessPackageResourceScope extends Entity { + // The description of the scope. + description?: NullableOption; + // The display name of the scope. + displayName?: NullableOption; + // True if the scopes are arranged in a hierarchy and this is the top or root scope of the resource. + isRootScope?: NullableOption; + // The unique identifier for the scope in the resource as defined in the origin system. + originId?: NullableOption; + // The origin system for the scope. + originSystem?: NullableOption; + // The origin system for the role, if different. + roleOriginId?: NullableOption; + // A resource locator for the scope. + url?: NullableOption; + accessPackageResource?: NullableOption; +} +export interface AccessPackageSubject extends Entity { + // Not Supported. + altSecId?: NullableOption; /** - * true if the user can write to the calendar, false otherwise. This property is true for the user who created the - * calendar. This property is also true for a user who has been shared a calendar and granted write access, through an - * Outlook client or the corresponding calendarPermission resource. Read-only. + * The date and time the subject is marked to be blocked from sign in or deleted. The Timestamp type represents date and + * time information using ISO 8601 format and is always in UTC time. */ - canEdit?: NullableOption; + cleanupScheduledDateTime?: NullableOption; + // The identifier of the connected organization of the subject. + connectedOrganizationId?: NullableOption; + // The display name of the subject. + displayName?: NullableOption; + // The email address of the subject. + email?: NullableOption; + // The object identifier of the subject. null if the subject isn't yet a user in the tenant. Alternate key. + objectId?: NullableOption; + onPremisesSecurityIdentifier?: NullableOption; + // The principal name, if known, of the subject. + principalName?: NullableOption; /** - * true if the user has the permission to share the calendar, false otherwise. Only the user who created the calendar can - * share it. Read-only. + * The lifecycle of the subject user, if a guest. The possible values are: notDefined, notGoverned, governed, + * unknownFutureValue. */ - canShare?: NullableOption; + subjectLifecycle?: NullableOption; + // The resource type of the subject. + type?: NullableOption; + // The connected organization of the subject. Read-only. Nullable. + connectedOrganization?: NullableOption; +} +export interface AccessReview extends Entity { + // The business flow template identifier. Required on create. This value is case sensitive. + businessFlowTemplateId?: string; + // The user who created this review. + createdBy?: NullableOption; + // The description provided by the access review creator, to show to the reviewers. + description?: NullableOption; + // The access review name. Required on create. + displayName?: string; /** - * true if the user can read calendar items that have been marked private, false otherwise. This property is set through - * an Outlook client or the corresponding calendarPermission resource. Read-only. + * The DateTime when the review is scheduled to end. This must be at least one day later than the start date. Required on + * create. */ - canViewPrivateItems?: NullableOption; + endDateTime?: string; /** - * Identifies the version of the calendar object. Every time the calendar is changed, changeKey changes as well. This - * allows Exchange to apply changes to the correct version of the object. Read-only. + * The object for which the access reviews is reviewing the access rights assignments. This can be the group for the + * review of memberships of users in a group, or the app for a review of assignments of users to an application. Required + * on create. */ - changeKey?: NullableOption; + reviewedEntity?: NullableOption; + // The relationship type of reviewer to the target object, one of self, delegated or entityOwners. Required on create. + reviewerType?: NullableOption; + // The settings of an accessReview, see type definition below. + settings?: NullableOption; + // The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create. + startDateTime?: string; /** - * Specifies the color theme to distinguish the calendar from other calendars in a UI. The property values are: auto, - * lightBlue, lightGreen, lightOrange, lightGray, lightYellow, lightTeal, lightPink, lightBrown, lightRed, maxColor. + * This read-only field specifies the status of an accessReview. The typical states include Initializing, NotStarted, + * Starting,InProgress, Completing, Completed, AutoReviewing, and AutoReviewed. */ - color?: NullableOption; + status?: NullableOption; + // The collection of decisions for this access review. + decisions?: NullableOption; + // The collection of access reviews instances past, present and future, if this object is a recurring access review. + instances?: NullableOption; + // The collection of decisions for the caller, if the caller is a reviewer. + myDecisions?: NullableOption; + // The collection of reviewers for an access review, if access review reviewerType is of type delegated. + reviewers?: NullableOption; +} +export interface AccessReviewDecision extends Entity { + // The feature- generated recommendation shown to the reviewer, one of Approve, Deny or NotAvailable. + accessRecommendation?: NullableOption; + // The feature-generated ID of the access review. + accessReviewId?: NullableOption; /** - * The default online meeting provider for meetings sent from this calendar. Possible values are: unknown, - * skypeForBusiness, skypeForConsumer, teamsForBusiness. + * When the review completes, if the results were manually applied, the user identity of the user who applied the + * decision. If the review was autoapplied, the userPrincipalName is empty. */ - defaultOnlineMeetingProvider?: NullableOption; + appliedBy?: NullableOption; + // The date and time when the review decision was applied. + appliedDateTime?: NullableOption; + // The outcome of applying the decision, one of NotApplied, Success, Failed, NotFound or NotSupported. + applyResult?: NullableOption; + // The reviewer's business justification, if supplied. + justification?: NullableOption; + // The identity of the reviewer. If the recommendation was used as the review, the userPrincipalName is empty. + reviewedBy?: NullableOption; + reviewedDateTime?: NullableOption; + // The result of the review, one of NotReviewed, Deny, DontKnow or Approve. + reviewResult?: NullableOption; +} +export interface AccessReviewHistoryDefinition extends Entity { + // User who created this review history definition. + createdBy?: UserIdentity; + // Timestamp when the access review definition was created. + createdDateTime?: string; /** - * The calendar color, expressed in a hex color code of three hexadecimal values, each ranging from 00 to FF and - * representing the red, green, or blue components of the color in the RGB color space. If the user has never explicitly - * set a color for the calendar, this property is empty. + * Determines which review decisions will be included in the fetched review history data if specified. Optional on create. + * All decisions are included by default if no decisions are provided on create. Possible values are: approve, deny, + * dontKnow, notReviewed, and notNotified. */ - hexColor?: NullableOption; - // true if this is the default calendar where new events are created by default, false otherwise. - isDefaultCalendar?: NullableOption; - // Indicates whether this user calendar can be deleted from the user mailbox. - isRemovable?: NullableOption; + decisions?: NullableOption; + // Name for the access review history data collection. Required. + displayName?: string; + downloadUri?: NullableOption; + fulfilledDateTime?: NullableOption; /** - * true if the user has shared the calendar with other users, false otherwise. Since only the user who created the - * calendar can share it, isShared and isSharedWithMe cannot be true for the same user. This property is set when sharing - * is initiated in an Outlook client, and can be reset when the sharing is cancelled through the client or the - * corresponding calendarPermission resource. Read-only. + * A timestamp. Reviews ending on or before this date will be included in the fetched history data. Only required if + * scheduleSettings is not defined. */ - isShared?: NullableOption; + reviewHistoryPeriodEndDateTime?: string; /** - * true if the user has been shared this calendar, false otherwise. This property is always false for a calendar owner. - * This property is set when sharing is initiated in an Outlook client, and can be reset when the sharing is cancelled - * through the client or the corresponding calendarPermission resource. Read-only. + * A timestamp. Reviews starting on or before this date will be included in the fetched history data. Only required if + * scheduleSettings isn't defined. */ - isSharedWithMe?: NullableOption; + reviewHistoryPeriodStartDateTime?: string; /** - * Indicates whether this user calendar supports tracking of meeting responses. Only meeting invites sent from users' - * primary calendars support tracking of meeting responses. + * The settings for a recurring access review history definition series. Only required if reviewHistoryPeriodStartDateTime + * or reviewHistoryPeriodEndDateTime aren't defined. Not supported yet. */ - isTallyingResponses?: NullableOption; - // The calendar name. - name?: NullableOption; + scheduleSettings?: NullableOption; /** - * If set, this represents the user who created or added the calendar. For a calendar that the user created or added, the - * owner property is set to the user. For a calendar shared with the user, the owner property is set to the person who - * shared that calendar with the user. Read-only. + * Used to scope what reviews are included in the fetched history data. Fetches reviews whose scope matches with this + * provided scope. Required. */ - owner?: NullableOption; - // The permissions of the users with whom the calendar is shared. - calendarPermissions?: NullableOption; - // The calendar view for the calendar. Navigation property. Read-only. - calendarView?: NullableOption; - // The events in the calendar. Navigation property. Read-only. - events?: NullableOption; - // The collection of multi-value extended properties defined for the calendar. Read-only. Nullable. - multiValueExtendedProperties?: NullableOption; - // The collection of single-value extended properties defined for the calendar. Read-only. Nullable. - singleValueExtendedProperties?: NullableOption; -} -export interface OutlookItem extends Entity { - categories?: NullableOption; - changeKey?: NullableOption; + scopes?: AccessReviewScope[]; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + * Represents the status of the review history data collection. The possible values are: done, inProgress, error, + * requested, unknownFutureValue. */ - createdDateTime?: NullableOption; + status?: NullableOption; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + * If the accessReviewHistoryDefinition is a recurring definition, instances represent each recurrence. A definition that + * doesn't recur will have exactly one instance. */ - lastModifiedDateTime?: NullableOption; + instances?: NullableOption; } -export interface Event extends OutlookItem { +export interface AccessReviewHistoryInstance extends Entity { /** - * true if the meeting organizer allows invitees to propose a new time when responding; otherwise false. Optional. Default - * is true. + * Uri that can be used to retrieve review history data. This URI will be active for 24 hours after being generated. + * Required. */ - allowNewTimeProposals?: NullableOption; - // The collection of attendees for the event. - attendees?: NullableOption; - // The body of the message associated with the event. It can be in HTML or text format. - body?: NullableOption; - // The preview of the message associated with the event. It is in text format. - bodyPreview?: NullableOption; + downloadUri?: NullableOption; + // Timestamp when this instance and associated data expires and the history is deleted. Required. + expirationDateTime?: string; /** - * Contains occurrenceId property values of cancelled instances in a recurring series, if the event is the series master. - * Instances in a recurring series that are cancelled are called cancelledOccurences.Returned only on $select in a Get - * operation which specifies the id of a series master event (that is, the seriesMasterId property value). + * Timestamp when all of the available data for this instance was collected. This will be set after this instance's status + * is set to done. Required. */ - cancelledOccurrences?: NullableOption; - // The date, time, and time zone that the event ends. By default, the end time is in UTC. - end?: NullableOption; - // Set to true if the event has attachments. - hasAttachments?: NullableOption; + fulfilledDateTime?: NullableOption; + // Timestamp, reviews ending on or before this date are in the fetched history data. + reviewHistoryPeriodEndDateTime?: NullableOption; + // Timestamp, reviews starting on or after this date are in the fetched history data. + reviewHistoryPeriodStartDateTime?: NullableOption; + // Timestamp when the instance's history data is scheduled to be generated. + runDateTime?: string; /** - * When set to true, each attendee only sees themselves in the meeting request and meeting Tracking list. Default is - * false. + * Represents the status of the review history data collection. The possible values are: done, inProgress, error, + * requested, unknownFutureValue. Once the status has been marked as done, a link can be generated to retrieve the + * instance's data by calling generateDownloadUri method. */ - hideAttendees?: NullableOption; - importance?: NullableOption; - isAllDay?: NullableOption; - isCancelled?: NullableOption; - isDraft?: NullableOption; - isOnlineMeeting?: NullableOption; - isOrganizer?: NullableOption; - isReminderOn?: NullableOption; - location?: NullableOption; - locations?: NullableOption; - occurrenceId?: NullableOption; - onlineMeeting?: NullableOption; - onlineMeetingProvider?: NullableOption; - onlineMeetingUrl?: NullableOption; - organizer?: NullableOption; - originalEndTimeZone?: NullableOption; - originalStart?: NullableOption; - originalStartTimeZone?: NullableOption; - recurrence?: NullableOption; - reminderMinutesBeforeStart?: NullableOption; - responseRequested?: NullableOption; - responseStatus?: NullableOption; - sensitivity?: NullableOption; - seriesMasterId?: NullableOption; - showAs?: NullableOption; - start?: NullableOption; - subject?: NullableOption; - transactionId?: NullableOption; - type?: NullableOption; - uid?: NullableOption; - webLink?: NullableOption; + status?: NullableOption; +} +export interface AccessReviewInstance extends Entity { /** - * The collection of FileAttachment, ItemAttachment, and referenceAttachment attachments for the event. Navigation - * property. Read-only. Nullable. + * DateTime when review instance is scheduled to end. The DatetimeOffset type represents date and time information using + * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports + * $select. Read-only. */ - attachments?: NullableOption; - // The calendar that contains the event. Navigation property. Read-only. - calendar?: NullableOption; - exceptionOccurrences?: NullableOption; - // The collection of open extensions defined for the event. Nullable. - extensions?: NullableOption; + endDateTime?: NullableOption; + // Collection of errors in an access review instance lifecycle. Read-only. + errors?: NullableOption; /** - * The occurrences of a recurring series, if the event is a series master. This property includes occurrences that are - * part of the recurrence pattern, and exceptions that have been modified, but does not include occurrences that have been - * cancelled from the series. Navigation property. Read-only. Nullable. + * This collection of reviewer scopes is used to define the list of fallback reviewers. These fallback reviewers are + * notified to take action if no users are found from the list of reviewers specified. This could occur when either the + * group owner is specified as the reviewer but the group owner doesn't exist, or manager is specified as reviewer but a + * user's manager doesn't exist. Supports $select. */ - instances?: NullableOption; - // The collection of multi-value extended properties defined for the event. Read-only. Nullable. - multiValueExtendedProperties?: NullableOption; - // The collection of single-value extended properties defined for the event. Read-only. Nullable. - singleValueExtendedProperties?: NullableOption; -} -export interface Conversation extends Entity { + fallbackReviewers?: NullableOption; /** - * Indicates whether any of the posts within this Conversation has at least one attachment. Supports $filter (eq, ne) and - * $search. + * This collection of access review scopes is used to define who the reviewers are. Supports $select. For examples of + * options for assigning reviewers, see Assign reviewers to your access review definition using the Microsoft Graph API. */ - hasAttachments?: boolean; + reviewers?: NullableOption; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ne, le, ge). + * Created based on scope and instanceEnumerationScope at the accessReviewScheduleDefinition level. Defines the scope of + * users reviewed in a group. Supports $select and $filter (contains only). Read-only. */ - lastDeliveredDateTime?: string; - // A short summary from the body of the latest post in this conversation. - preview?: string; - // The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. - topic?: string; - // All the users that sent a message to this Conversation. - uniqueSenders?: string[]; - // A collection of all the conversation threads in the conversation. A navigation property. Read-only. Nullable. - threads?: NullableOption; -} -export interface ConversationThread extends Entity { - // The Cc: recipients for the thread. Returned only on $select. - ccRecipients?: Recipient[]; - // Indicates whether any of the posts within this thread has at least one attachment. Returned by default. - hasAttachments?: boolean; - // Indicates if the thread is locked. Returned by default. - isLocked?: boolean; + scope?: NullableOption; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. + * DateTime when review instance is scheduled to start. May be in the future. The DateTimeOffset type represents date and + * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z. Supports $select. Read-only. */ - lastDeliveredDateTime?: string; - // A short summary from the body of the latest post in this conversation. Returned by default. - preview?: string; + startDateTime?: NullableOption; /** - * The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. - * Returned by default. + * Specifies the status of an accessReview. Possible values: Initializing, NotStarted, Starting, InProgress, Completing, + * Completed, AutoReviewing, and AutoReviewed. Supports $select, $orderby, and $filter (eq only). Read-only. */ - topic?: string; - // The To: recipients for the thread. Returned only on $select. - toRecipients?: Recipient[]; - // All the users that sent a message to this thread. Returned by default. - uniqueSenders?: string[]; - posts?: NullableOption; -} -export interface BaseItem extends Entity { - // Identity of the user, device, or application that created the item. Read-only. - createdBy?: NullableOption; - // Date and time of item creation. Read-only. - createdDateTime?: string; - description?: NullableOption; - // ETag for the item. Read-only. - eTag?: NullableOption; - // Identity of the user, device, and application that last modified the item. Read-only. - lastModifiedBy?: NullableOption; - // Date and time the item was last modified. Read-only. - lastModifiedDateTime?: string; - // The name of the item. Read-write. - name?: NullableOption; - // Parent information, if the item has a parent. Read-write. - parentReference?: NullableOption; + status?: NullableOption; /** - * URL that either displays the resource in the browser (for Office file formats), or is a direct link to the file (for - * other formats). Read-only. + * Returns the collection of reviewers who were contacted to complete this review. While the reviewers and + * fallbackReviewers properties of the accessReviewScheduleDefinition might specify group owners or managers as reviewers, + * contactedReviewers returns their individual identities. Supports $select. Read-only. */ - webUrl?: NullableOption; - createdByUser?: NullableOption; - lastModifiedByUser?: NullableOption; -} -export interface Drive extends BaseItem { + contactedReviewers?: NullableOption; /** - * Describes the type of drive represented by this resource. OneDrive personal drives return personal. OneDrive for - * Business returns business. SharePoint document libraries return documentLibrary. Read-only. + * Each user reviewed in an accessReviewInstance has a decision item representing if they were approved, denied, or not + * yet reviewed. */ - driveType?: NullableOption; - // Optional. The user account that owns the drive. Read-only. - owner?: NullableOption; - // Optional. Information about the drive's storage space quota. Read-only. - quota?: NullableOption; - sharePointIds?: NullableOption; - // If present, indicates that this is a system-managed drive. Read-only. - system?: NullableOption; - // The list of recent activities that took place under this drive. - activities?: NullableOption; - // Collection of [bundles][bundle] (albums and multi-select-shared sets of items). Only in personal OneDrive. - bundles?: NullableOption; - // The list of items the user is following. Only in OneDrive for Business. - following?: NullableOption; - // All items contained in the drive. Read-only. Nullable. - items?: NullableOption; - // For drives in SharePoint, the underlying document library list. Read-only. Nullable. - list?: NullableOption; - // The root folder of the drive. Read-only. - root?: NullableOption; - // Collection of common folders available in OneDrive. Read-only. Nullable. - special?: NullableOption; -} -export interface Site extends BaseItem { - deleted?: NullableOption; - // The full title for the site. Read-only. - displayName?: NullableOption; - isPersonalSite?: NullableOption; - // If present, indicates that this is the root site in the site collection. Read-only. - root?: NullableOption; - // The settings on this site. Read-only. - settings?: NullableOption; - // Returns identifiers useful for SharePoint REST compatibility. Read-only. - sharepointIds?: NullableOption; - // Provides details about the site's site collection. Available only on the root site. Read-only. - siteCollection?: NullableOption; - informationProtection?: NullableOption; - // Analytics about the view activities that took place in this site. - analytics?: NullableOption; - // The collection of column definitions reusable across lists under this site. - columns?: NullableOption; - // The collection of content types defined for this site. - contentTypes?: NullableOption; - // The default drive (document library) for this site. - drive?: NullableOption; - // The collection of drives (document libraries) under this site. - drives?: NullableOption; + decisions?: NullableOption; /** - * The collection of column definitions available in the site that are referenced from the sites in the parent hierarchy - * of the current site. + * There's exactly one accessReviewScheduleDefinition associated with each instance. It's the parent schedule for the + * instance, where instances are created for each recurrence of a review definition and each group selected to review by + * the definition. */ - externalColumns?: NullableOption; - // Used to address any item contained in this site. This collection cannot be enumerated. - items?: NullableOption; - // The collection of lists under this site. - lists?: NullableOption; - // The collection of long running operations for the site. - operations?: NullableOption; - // The collection of pages in the baseSitePages list in this site. - pages?: NullableOption; - // The permissions associated with the site. Nullable. - permissions?: NullableOption; - // A container for a collection of recycleBinItem resources in this site. - recycleBin?: NullableOption; - // The collection of the sub-sites under this site. - sites?: NullableOption; - // The termStore under this site. - termStore?: NullableOption; - onenote?: NullableOption; + definition?: NullableOption; + /** + * If the instance has multiple stages, this returns the collection of stages. A new stage will only be created when the + * previous stage ends. The existence, number, and settings of stages on a review instance are created based on the + * accessReviewStageSettings on the parent accessReviewScheduleDefinition. + */ + stages?: NullableOption; } -// tslint:disable-next-line: no-empty-interface -export interface Extension extends Entity {} -export interface GroupLifecyclePolicy extends Entity { +export interface AccessReviewInstanceDecisionItem extends Entity { + // The identifier of the accessReviewInstance parent. Supports $select. Read-only. + accessReviewId?: string; /** - * List of email address to send notifications for groups without owners. Multiple email address can be defined by - * separating email address with a semicolon. + * The identifier of the user who applied the decision. 00000000-0000-0000-0000-000000000000 if the assigned reviewer + * hasn't applied the decision or it was automatically applied. Read-only. */ - alternateNotificationEmails?: NullableOption; + appliedBy?: NullableOption; /** - * Number of days before a group expires and needs to be renewed. Once renewed, the group expiration is extended by the - * number of days defined. + * The timestamp when the approval decision was applied. The DatetimeOffset type represents date and time information + * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Supports $select. Read-only. */ - groupLifetimeInDays?: NullableOption; - // The group type for which the expiration policy applies. Possible values are All, Selected or None. - managedGroupTypes?: NullableOption; -} -export interface PlannerGroup extends Entity { - // Read-only. Nullable. Returns the plannerPlans owned by the group. - plans?: NullableOption; -} -export interface Onenote extends Entity { - // The collection of OneNote notebooks that are owned by the user or group. Read-only. Nullable. - notebooks?: NullableOption; + appliedDateTime?: NullableOption; + /** + * The result of applying the decision. Possible values: New, AppliedSuccessfully, AppliedWithUnknownFailure, + * AppliedSuccessfullyButObjectNotFound and ApplyNotSupported. Supports $select, $orderby, and $filter (eq only). + * Read-only. + */ + applyResult?: NullableOption; /** - * The status of OneNote operations. Getting an operations collection isn't supported, but you can get the status of - * long-running operations if the Operation-Location header is returned in the response. Read-only. Nullable. + * Result of the review. Possible values: Approve, Deny, NotReviewed, or DontKnow. Supports $select, $orderby, and $filter + * (eq only). */ - operations?: NullableOption; - // The pages in all OneNote notebooks that are owned by the user or group. Read-only. Nullable. - pages?: NullableOption; + decision?: NullableOption; + // Justification left by the reviewer when they made the decision. + justification?: NullableOption; /** - * The image and other file resources in OneNote pages. Getting a resources collection isn't supported, but you can get - * the binary content of a specific resource. Read-only. Nullable. + * Every decision item in an access review represents a principal's access to a resource. This property represents details + * of the principal. For example, if a decision item represents access of User 'Bob' to Group 'Sales' - The principal is + * 'Bob' and the resource is 'Sales'. Principals can be of two types - userIdentity and servicePrincipalIdentity. Supports + * $select. Read-only. */ - resources?: NullableOption; - // The section groups in all OneNote notebooks that are owned by the user or group. Read-only. Nullable. - sectionGroups?: NullableOption; - // The sections in all OneNote notebooks that are owned by the user or group. Read-only. Nullable. - sections?: NullableOption; -} -export interface ProfilePhoto extends Entity { - // The height of the photo. Read-only. - height?: NullableOption; - // The width of the photo. Read-only. - width?: NullableOption; -} -export interface Team extends Entity { + principal?: NullableOption; /** - * An optional label. Typically describes the data or business sensitivity of the team. Must match one of a pre-configured - * set in the tenant's directory. + * Link to the principal object. For example: https://graph.microsoft.com/v1.0/users/a6c7aecb-cbfd-4763-87ef-e91b4bd509d9. + * Read-only. */ - classification?: NullableOption; - // Timestamp at which the team was created. - createdDateTime?: NullableOption; - // An optional description for the team. Maximum length: 1024 characters. - description?: NullableOption; - // Settings to configure team discoverability by others. - discoverySettings?: NullableOption; - // The name of the team. - displayName?: NullableOption; - // Settings to configure use of Giphy, memes, and stickers in the team. - funSettings?: NullableOption; - // Settings to configure whether guests can create, update, or delete channels in the team. - guestSettings?: NullableOption; - // A unique ID for the team that has been used in a few places such as the audit log/Office 365 Management Activity API. - internalId?: NullableOption; - // Whether this team is in read-only mode. - isArchived?: NullableOption; + principalLink?: NullableOption; /** - * If set to true, the team is currently in the owner-only team membership state and not accessible by other team members, - * such as students. + * Every decision item in an access review represents a principal's membership to a resource. This property provides the + * details of the membership. For example, whether the principal has direct access or indirect access to the resource. + * Supports $select. Read-only. */ - isMembershipLimitedToOwners?: NullableOption; + principalResourceMembership?: NullableOption; /** - * Settings to configure whether members can perform certain actions, for example, create channels and add bots, in the - * team. + * A system-generated recommendation for the approval decision based off last interactive sign-in to tenant. Recommend + * approve if sign-in is within thirty days of start of review. Recommend deny if sign-in is greater than thirty days of + * start of review. Recommendation not available otherwise. Possible values: Approve, Deny, or NoInfoAvailable. Supports + * $select, $orderby, and $filter (eq only). Read-only. */ - memberSettings?: NullableOption; - // Settings to configure messaging and mentions in the team. - messagingSettings?: NullableOption; + recommendation?: NullableOption; /** - * Optional. Indicates whether the team is intended for a particular use case. Each team specialization has access to - * unique behaviors and experiences targeted to its use case. + * Every decision item in an access review represents a principal's access to a resource. This property represents details + * of the resource. For example, if a decision item represents access of User 'Bob' to Group 'Sales' - The principal is + * Bob and the resource is 'Sales'. Resources can be of multiple types. See accessReviewInstanceDecisionItemResource. + * Read-only. */ - specialization?: NullableOption; - // Contains summary information about the team, including number of owners, members, and guests. - summary?: NullableOption; - // The ID of the Microsoft Entra tenant. - tenantId?: NullableOption; - // The visibility of the group and team. Defaults to Public. - visibility?: NullableOption; + resource?: NullableOption; /** - * A hyperlink that will go to the team in the Microsoft Teams client. This is the URL that you get when you right-click a - * team in the Microsoft Teams client and select Get link to team. This URL should be treated as an opaque blob, and not - * parsed. + * A link to the resource. For example, + * https://graph.microsoft.com/v1.0/servicePrincipals/c86300f3-8695-4320-9f6e-32a2555f5ff8. Supports $select. Read-only. */ - webUrl?: NullableOption; - // List of channels either hosted in or shared with the team (incoming channels). - allChannels?: NullableOption; - // The collection of channels and messages associated with the team. - channels?: NullableOption; - group?: NullableOption; - // List of channels shared with the team. - incomingChannels?: NullableOption; - // The apps installed in this team. - installedApps?: NullableOption; - // Members and owners of the team. - members?: NullableOption; - // The async operations that ran or are running on this team. - operations?: NullableOption; + resourceLink?: NullableOption; /** - * The list of this team's owners. Currently, when creating a team using application permissions, exactly one owner must - * be specified. When using user delegated permissions, no owner can be specified (the current user is the owner). Owner - * must be specified as an object ID (GUID), not a UPN. + * The identifier of the reviewer. 00000000-0000-0000-0000-000000000000 if the assigned reviewer hasn't reviewed. Supports + * $select. Read-only. */ - owners?: NullableOption; - // A collection of permissions granted to apps to access the team. - permissionGrants?: NullableOption; - // The team photo. - photo?: NullableOption; - // The general channel for the team. - primaryChannel?: NullableOption; - // The tags associated with the team. - tags?: NullableOption; - // The template this team was created from. See available templates. - template?: NullableOption; - // Generic representation of a team template definition for a team with a specific structure and configuration. - templateDefinition?: NullableOption; - // The schedule of shifts for this team. - schedule?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface IdentityGovernance { - lifecycleWorkflows?: NullableOption; - accessReviews?: NullableOption; - appConsent?: NullableOption; - termsOfUse?: NullableOption; - entitlementManagement?: NullableOption; - permissionsAnalytics?: PermissionsAnalyticsAggregation; - permissionsManagement?: NullableOption; - privilegedAccess?: NullableOption; - roleManagementAlerts?: NullableOption; -} -export interface AccessReviewSet extends Entity { - // Represents a Microsoft Entra access review decision on an instance of a review. - decisions?: NullableOption; - // Represents the template and scheduling for an access review. - definitions?: NullableOption; - // Represents a collection of access review history data and the scopes used to collect that data. - historyDefinitions?: NullableOption; - // Resource that enables administrators to manage directory-level access review policies in their tenant. - policy?: NullableOption; -} -export interface AppConsentApprovalRoute extends Entity { + reviewedBy?: NullableOption; + // The timestamp when the review decision occurred. Supports $select. Read-only. + reviewedDateTime?: NullableOption; /** - * A collection of appConsentRequest objects representing apps for which admin consent has been requested by one or more - * users. + * The target of this specific decision. Decision targets can be of different types – each one with its own specific + * properties. See accessReviewInstanceDecisionItemTarget. Read-only. This property has been replaced by the principal and + * resource properties in v1.0. */ - appConsentRequests?: NullableOption; -} -export interface TermsOfUseContainer extends Entity { - // Represents the current status of a user's response to a company's customizable terms of use agreement. - agreementAcceptances?: NullableOption; - // Represents a tenant's customizable terms of use agreement that's created and managed with Microsoft Entra ID. - agreements?: NullableOption; -} -export interface EntitlementManagement extends Entity { - accessPackageAssignmentApprovals?: NullableOption; + target?: NullableOption; /** - * Represents the policy that governs which subjects can request or be assigned an access package via an access package - * assignment. + * Insights are recommendations to reviewers on whether to approve or deny a decision. There can be multiple insights + * associated with an accessReviewInstanceDecisionItem. */ - accessPackageAssignmentPolicies?: NullableOption; - // Represents access package assignment requests created by or on behalf of a user. - accessPackageAssignmentRequests?: NullableOption; - // Represents the resource-specific role which a subject has been assigned through an access package assignment. - accessPackageAssignmentResourceRoles?: NullableOption; - // The assignment of an access package to a subject for a period of time. - accessPackageAssignments?: NullableOption; - // A container of access packages. - accessPackageCatalogs?: NullableOption; - // A reference to the geolocation environment in which a resource is located. - accessPackageResourceEnvironments?: NullableOption; - // Represents a request to add or remove a resource to or from a catalog respectively. - accessPackageResourceRequests?: NullableOption; - // A reference to both a scope within a resource, and a role in that resource for that scope. - accessPackageResourceRoleScopes?: NullableOption; - // A reference to a resource associated with an access package catalog. - accessPackageResources?: NullableOption; - // Represents access package objects. - accessPackages?: NullableOption; - // Represents references to a directory or domain of another organization whose users can request access. - connectedOrganizations?: NullableOption; - // Represents the settings that control the behavior of Microsoft Entra entitlement management. - settings?: NullableOption; - // Represents the subjects within entitlement management. - subjects?: NullableOption; -} -export interface PermissionsAnalyticsAggregation extends Entity { - // AWS permissions analytics findings. - aws?: PermissionsAnalytics; - // Azure permissions analytics findings. - azure?: PermissionsAnalytics; - // GCP permissions analytics findings. - gcp?: PermissionsAnalytics; -} -export interface PermissionsManagement extends Entity { - // Represents a change event of the scheduledPermissionsRequest entity. - permissionsRequestChanges?: NullableOption; + insights?: NullableOption; /** - * Represents a permissions request that Permissions Management uses to manage permissions for an identity on resources in - * the authorization system. This request can be granted, rejected or canceled by identities in Permissions Management. + * There is exactly one accessReviewInstance associated with each decision. The instance is the parent of the decision + * item, representing the recurrence of the access review the decision is made on. */ - scheduledPermissionsRequests?: NullableOption; + instance?: NullableOption; } -export interface PrivilegedAccessRoot extends Entity { - // A group that's governed through Privileged Identity Management (PIM). - group?: NullableOption; +export interface AccessReviewPolicy extends Entity { + // Description for this policy. Read-only. + description?: NullableOption; + // Display name for this policy. Read-only. + displayName?: string; + // If true, group owners can create and manage access reviews on groups they own. + isGroupOwnerManagementEnabled?: boolean; } -export interface RoleManagementAlert extends Entity { - /** - * The various configurations of an alert for Microsoft Entra roles. The configurations are predefined and can't be - * created or deleted, but some of the configurations can be modified. - */ - alertConfigurations?: NullableOption; - // Defines an alert, its impact, and measures to mitigate or prevent it. - alertDefinitions?: NullableOption; - // Represents the alert entity. - alerts?: NullableOption; - // Represents operations on resources that take a long time to complete and can run in the background until completion. - operations?: NullableOption; +export interface AccessReviewReviewer extends Entity { + // The date when the reviewer was added for the access review. + createdDateTime?: NullableOption; + // Name of reviewer. + displayName?: NullableOption; + // User principal name of the user. + userPrincipalName?: NullableOption; } -export interface User extends DirectoryObject { - /** - * Get the last signed-in date and request ID of the sign-in for a given user. Read-only.Returned only on $select. - * Supports $filter (eq, ne, not, ge, le) but not with any other filterable properties. Note: Details for this property - * require a Microsoft Entra ID P1 or P2 license and the AuditLog.Read.All permission.This property is not returned for a - * user who has never signed in or last signed in before April 2020. - */ - signInActivity?: NullableOption; +export interface AccessReviewScheduleDefinition extends Entity { + // Defines the list of additional users or group members to be notified of the access review progress. + additionalNotificationRecipients?: NullableOption; + backupReviewers?: NullableOption; + // User who created this review. Read-only. + createdBy?: NullableOption; + // Timestamp when the access review series was created. Supports $select. Read-only. + createdDateTime?: NullableOption; + // Description provided by review creators to provide more context of the review to admins. Supports $select. + descriptionForAdmins?: NullableOption; /** - * true if the account is enabled; otherwise, false. This property is required when a user is created. Supports $filter - * (eq, ne, not, and in). + * Description provided by review creators to provide more context of the review to reviewers. Reviewers see this + * description in the email sent to them requesting their review. Email notifications support up to 256 characters. + * Supports $select. */ - accountEnabled?: NullableOption; + descriptionForReviewers?: NullableOption; + // Name of the access review series. Supports $select and $orderby. Required on create. + displayName?: NullableOption; /** - * Sets the age group of the user. Allowed values: null, Minor, NotAdult, and Adult. For more information, see legal age - * group property definitions. Supports $filter (eq, ne, not, and in). + * This collection of reviewer scopes is used to define the list of fallback reviewers. These fallback reviewers will be + * notified to take action if no users are found from the list of reviewers specified. This could occur when either the + * group owner is specified as the reviewer but the group owner doesn't exist, or manager is specified as reviewer but a + * user's manager doesn't exist. See accessReviewReviewerScope. Replaces backupReviewers. Supports $select. NOTE: The + * value of this property will be ignored if fallback reviewers are assigned through the stageSettings property. */ - ageGroup?: NullableOption; + fallbackReviewers?: NullableOption; /** - * The licenses that are assigned to the user, including inherited (group-based) licenses. This property doesn't - * differentiate between directly assigned and inherited licenses. Use the licenseAssignmentStates property to identify - * the directly assigned and inherited licenses. Not nullable. Supports $filter (eq, not, /$count eq 0, /$count ne 0). + * This property is required when scoping a review to guest users' access across all Microsoft 365 groups and determines + * which Microsoft 365 groups are reviewed. Each group becomes a unique accessReviewInstance of the access review series. + * For supported scopes, see accessReviewScope. Supports $select. For examples of options for configuring + * instanceEnumerationScope, see Configure the scope of your access review definition using the Microsoft Graph API. */ - assignedLicenses?: AssignedLicense[]; - // The plans that are assigned to the user. Read-only. Not nullable.Supports $filter (eq and not). - assignedPlans?: AssignedPlan[]; + instanceEnumerationScope?: NullableOption; + // Timestamp when the access review series was last modified. Supports $select. Read-only. + lastModifiedDateTime?: NullableOption; /** - * Identifiers that can be used to identify and authenticate a user in non-Azure AD environments. This property can store - * identifiers for smartcard-based certificates that users use to access on-premises Active Directory deployments or - * federated access. It can also be used to store the Subject Alternate Name (SAN) that's associated with a Common Access - * Card (CAC). Nullable.Supports $filter (eq and startsWith). + * This collection of access review scopes is used to define who are the reviewers. The reviewers property is only + * updatable if individual users are assigned as reviewers. Required on create. Supports $select. For examples of options + * for assigning reviewers, see Assign reviewers to your access review definition using the Microsoft Graph API. NOTE: The + * value of this property will be ignored if reviewers are assigned through the stageSettings property. */ - authorizationInfo?: NullableOption; + reviewers?: NullableOption; /** - * The telephone numbers for the user. Only one number can be set for this property. Read-only for users synced from - * on-premises directory. Supports $filter (eq, not, ge, le, startsWith). + * Defines the entities whose access is reviewed. For supported scopes, see accessReviewScope. Required on create. + * Supports $select and $filter (contains only). For examples of options for configuring scope, see Configure the scope of + * your access review definition using the Microsoft Graph API. */ - businessPhones?: string[]; + scope?: NullableOption; + // The settings for an access review series, see type definition below. Supports $select. Required on create. + settings?: NullableOption; /** - * The city where the user is located. Maximum length is 128 characters. Supports $filter (eq, ne, not, ge, le, in, - * startsWith, and eq on null values). + * Required only for a multi-stage access review to define the stages and their settings. You can break down each review + * instance into up to three sequential stages, where each stage can have a different set of reviewers, fallback + * reviewers, and settings. Stages are created sequentially based on the dependsOn property. Optional. When this property + * is defined, its settings are used instead of the corresponding settings in the accessReviewScheduleDefinition object + * and its settings, reviewers, and fallbackReviewers properties. */ - city?: NullableOption; - // Microsoft realtime communication information related to the user. Supports $filter (eq, ne,not). - cloudRealtimeCommunicationInfo?: NullableOption; + stageSettings?: NullableOption; /** - * The name of the company the user is associated with. This property can be useful for describing the company that an - * external user comes from. The maximum length is 64 characters.Supports $filter (eq, ne, not, ge, le, in, startsWith, - * and eq on null values). + * This read-only field specifies the status of an access review. The typical states include Initializing, NotStarted, + * Starting, InProgress, Completing, Completed, AutoReviewing, and AutoReviewed. Supports $select, $orderby, and $filter + * (eq only). Read-only. */ - companyName?: NullableOption; + status?: NullableOption; /** - * Sets whether consent has been obtained for minors. Allowed values: null, Granted, Denied and NotRequired. Refer to the - * legal age group property definitions for further information. Supports $filter (eq, ne, not, and in). + * Set of access reviews instances for this access review series. Access reviews that don't recur will only have one + * instance; otherwise, there's an instance for each recurrence. */ - consentProvidedForMinor?: NullableOption; + instances?: NullableOption; +} +export interface AccessReviewSet extends Entity { + // Represents a Microsoft Entra access review decision on an instance of a review. + decisions?: NullableOption; + // Represents the template and scheduling for an access review. + definitions?: NullableOption; + // Represents a collection of access review history data and the scopes used to collect that data. + historyDefinitions?: NullableOption; + // Resource that enables administrators to manage directory-level access review policies in their tenant. + policy?: NullableOption; +} +export interface AccessReviewStage extends Entity { /** - * The country or region where the user is located; for example, US or UK. Maximum length is 128 characters. Supports - * $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). + * DateTime when review stage is scheduled to end. The DatetimeOffset type represents date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. This property + * is the cumulative total of the durationInDays for all stages. Read-only. */ - country?: NullableOption; + endDateTime?: NullableOption; /** - * The date and time the user was created in ISO 8601 format and UTC. The value cannot be modified and is automatically - * populated when the entity is created. Nullable. For on-premises users, the value represents when they were first - * created in Microsoft Entra ID. Property is null for some users created before June 2018 and on-premises users synced to - * Microsoft Entra ID before June 2018. Read-only. Supports $filter (eq, ne, not , ge, le, in). + * This collection of reviewer scopes is used to define the list of fallback reviewers. These fallback reviewers are + * notified to take action if no users are found from the list of reviewers specified. This can occur when either the + * group owner is specified as the reviewer but the group owner does not exist, or manager is specified as reviewer but a + * user's manager does not exist. */ - createdDateTime?: NullableOption; + fallbackReviewers?: NullableOption; /** - * Indicates whether the user account was created through one of the following methods: As a regular school or work - * account (null). As an external account (Invitation). As a local account for an Azure Active Directory B2C tenant - * (LocalAccount). Through self-service sign-up by an internal user using email verification (EmailVerified). Through - * self-service sign-up by an external user signing up through a link that is part of a user flow (SelfServiceSignUp). - * Read-only.Supports $filter (eq, ne, not, and in). + * This collection of access review scopes is used to define who the reviewers are. For examples of options for assigning + * reviewers, see Assign reviewers to your access review definition using the Microsoft Graph API. */ - creationType?: NullableOption; + reviewers?: NullableOption; /** - * An open complex type that holds the value of a custom security attribute that is assigned to a directory object. - * Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). The filter value is case-sensitive. + * DateTime when review stage is scheduled to start. May be in the future. The DateTimeOffset type represents date and + * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z. Read-only. */ - customSecurityAttributes?: NullableOption; + startDateTime?: NullableOption; /** - * The name of the department where the user works. Maximum length is 64 characters.Supports $filter (eq, ne, not , ge, - * le, in, and eq on null values). + * Specifies the status of an accessReviewStage. Possible values: Initializing, NotStarted, Starting, InProgress, + * Completing, Completed, AutoReviewing, and AutoReviewed. Supports $orderby, and $filter (eq only). Read-only. */ - department?: NullableOption; - deviceKeys?: DeviceKey[]; + status?: NullableOption; /** - * The name displayed in the address book for the user. This value is usually the combination of the user's first name, - * middle initial, and last name. This property is required when a user is created, and it cannot be cleared during - * updates. Maximum length is 256 characters. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null - * values), $orderby, and $search. + * Each user reviewed in an accessReviewStage has a decision item representing if they were approved, denied, or not yet + * reviewed. */ + decisions?: NullableOption; +} +export interface Account { + blocked?: NullableOption; + category?: NullableOption; displayName?: NullableOption; + id?: string; + lastModifiedDateTime?: NullableOption; + number?: NullableOption; + subCategory?: NullableOption; +} +export interface ActiveDirectoryWindowsAutopilotDeploymentProfile extends WindowsAutopilotDeploymentProfile { /** - * The date and time when the user was hired or will start work if there is a future hire. Supports $filter (eq, ne, not , - * ge, le, in). + * The Autopilot Hybrid Azure AD join flow will continue even if it does not establish domain controller connectivity + * during OOBE. */ - employeeHireDate?: NullableOption; + hybridAzureADJoinSkipConnectivityCheck?: boolean; + // Configuration to join Active Directory domain + domainJoinConfiguration?: NullableOption; +} +export interface ActiveUsersBreakdownMetric extends Entity { + // The ID of the Microsoft Entra application. + appId?: string; + // Name of the application users authenticated to. + appName?: string; + // The total number of users who made at least one authentication request within the specified time period. + count?: number; + // The date of the insight. + factDate?: string; + // The platform for the device that the customers used. Supports $filter (eq). + os?: string; +} +export interface ActiveUsersMetric extends Entity { + appId?: NullableOption; + appName?: NullableOption; + // The total number of users who made at least one authentication request within the specified time period. + count?: number; + country?: NullableOption; + // Date of the insight. + factDate?: string; + language?: NullableOption; + os?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface ActivityBasedTimeoutPolicy extends StsPolicy {} +export interface ActivityHistoryItem extends Entity { + activeDurationSeconds?: NullableOption; + createdDateTime?: NullableOption; + expirationDateTime?: NullableOption; + lastActiveDateTime?: NullableOption; + lastModifiedDateTime?: NullableOption; + startedDateTime?: string; + status?: NullableOption; + userTimezone?: NullableOption; + activity?: UserActivity; +} +export interface ActivityStatistics extends Entity { + // The type of activity for which statistics are returned. The possible values are: call, chat, email, focus, and meeting. + activity?: NullableOption; + // Total hours spent on the activity. The value is represented in ISO 8601 format for durations. + duration?: string; /** - * The employee identifier assigned to the user by the organization. The maximum length is 16 characters.Supports $filter - * (eq, ne, not , ge, le, in, startsWith, and eq on null values). + * Date when the activity ended, expressed in ISO 8601 format for calendar dates. For example, the property value could be + * '2019-07-03' that follows the YYYY-MM-DD format. */ - employeeId?: NullableOption; + endDate?: string; /** - * The date and time when the user left or will leave the organization. To read this property, the calling app must be - * assigned the User-LifeCycleInfo.Read.All permission. To write this property, the calling app must be assigned the - * User.Read.All and User-LifeCycleInfo.ReadWrite.All permissions. To read this property in delegated scenarios, the admin - * needs one of the following Microsoft Entra roles: Lifecycle Workflows Administrator, Global Reader, or Global - * Administrator. To write this property in delegated scenarios, the admin needs the Global Administrator role. Supports - * $filter (eq, ne, not , ge, le, in). For more information, see Configure the employeeLeaveDateTime property for a user. + * Date when the activity started, expressed in ISO 8601 format for calendar dates. For example, the property value could + * be '2019-07-04' that follows the YYYY-MM-DD format. */ - employeeLeaveDateTime?: NullableOption; + startDate?: string; /** - * Represents organization data (for example, division and costCenter) associated with a user. Supports $filter (eq, ne, - * not , ge, le, in). + * The time zone that the user sets in Microsoft Outlook is used for the computation. For example, the property value + * could be 'Pacific Standard Time.' */ - employeeOrgData?: NullableOption; + timeZoneUsed?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface AddLargeGalleryViewOperation extends CommsOperation {} +export interface Admin { + appsAndServices?: NullableOption; + dynamics?: NullableOption; + // A container for Microsoft Edge resources. Read-only. + edge?: NullableOption; + forms?: NullableOption; + // A container for the Microsoft 365 apps admin functionality. + microsoft365Apps?: NullableOption; + // Represents a setting to control people-related admin settings in the tenant. + people?: NullableOption; + // A container for administrative resources to manage reports. + reportSettings?: NullableOption; + // A container for service communications resources. Read-only. + serviceAnnouncement?: NullableOption; + sharepoint?: NullableOption; + todo?: NullableOption; + // A container for all Windows administrator functionalities. Read-only. + windows?: NullableOption; +} +export interface AdminAppsAndServices extends Entity { + // Company-wide settings for apps and services. + settings?: AppsAndServicesSettings; +} +export interface AdminConsentRequestPolicy extends Entity { + // Specifies whether the admin consent request feature is enabled or disabled. Required. + isEnabled?: boolean; + // Specifies whether reviewers will receive notifications. Required. + notifyReviewers?: boolean; + // Specifies whether reviewers will receive reminder emails. Required. + remindersEnabled?: boolean; + // Specifies the duration the request is active before it automatically expires if no decision is applied. + requestDurationInDays?: number; + // Required. + reviewers?: NullableOption; + // Specifies the version of this policy. When the policy is updated, this version is updated. Read-only. + version?: number; +} +export interface AdminDynamics extends Entity { + // Company-wide settings for Microsoft Dynamics 365 Customer Voice. + customerVoice?: CustomerVoiceSettings; +} +export interface AdminForms extends Entity { + // Company-wide settings for Microsoft Forms. + settings?: FormsSettings; +} +export interface AdministrativeUnit extends DirectoryObject { + // An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. + description?: NullableOption; /** - * Captures enterprise worker type. For example, Employee, Contractor, Consultant, or Vendor. Supports $filter (eq, ne, - * not , ge, le, in, startsWith). + * Display name for the administrative unit. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null + * values), $search, and $orderby. */ - employeeType?: NullableOption; + displayName?: NullableOption; /** - * For an external user invited to the tenant using the invitation API, this property represents the invited user's - * invitation status. For invited users, the state can be PendingAcceptance or Accepted, or null for all other users. - * Supports $filter (eq, ne, not , in). + * true if members of this administrative unit should be treated as sensitive, which requires specific permissions to + * manage. Default value is false. Use this property to define administrative units whose roles don't inherit from + * tenant-level administrators, and management of individual member objects is limited to administrators scoped to a + * restricted management administrative unit. Immutable, so can't be changed later. For more information about working + * with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID. */ - externalUserState?: NullableOption; - // Shows the timestamp for the latest change to the externalUserState property. Supports $filter (eq, ne, not , in). - externalUserStateChangeDateTime?: NullableOption; - // The fax number of the user. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq on null values). - faxNumber?: NullableOption; + isMemberManagementRestricted?: NullableOption; /** - * The given name (first name) of the user. Maximum length is 64 characters. Supports $filter (eq, ne, not , ge, le, in, - * startsWith, and eq on null values). + * Dynamic membership rule for the administrative unit. For more about the rules that you can use for dynamic + * administrative units and dynamic groups, see Using attributes to create advanced rules. */ - givenName?: NullableOption; + membershipRule?: NullableOption; /** - * Represents the identities that can be used to sign in to this user account. An identity can be provided by Microsoft - * (also known as a local account), by organizations, or by social identity providers such as Facebook, Google, and - * Microsoft and tied to a user account. It may contain multiple items with the same signInType value. Supports $filter - * (eq) including on null values, only where the signInType is not userPrincipalName. + * Used to control whether the dynamic membership rule is actively processed. Set to On when you want the dynamic + * membership rule to be active and Paused if you want to stop updating membership dynamically. If not set, the default + * behavior is Paused. */ - identities?: NullableOption; + membershipRuleProcessingState?: NullableOption; + // Membership type for the administrative unit. Can be dynamic or assigned. If not set, the default behavior is assigned. + membershipType?: NullableOption; /** - * The instant message voice-over IP (VOIP) session initiation protocol (SIP) addresses for the user. Read-only. Supports - * $filter (eq, not, ge, le, startsWith). + * Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership or + * Public. If not set, the default behavior is Public. When set to HiddenMembership, only members of the administrative + * unit can list other members of the administrative unit. */ - imAddresses?: NullableOption; - // Identifies the info segments assigned to the user. Supports $filter (eq, not, ge, le, startsWith). - infoCatalogs?: string[]; + visibility?: NullableOption; + // The collection of open extensions defined for this administrative unit. Nullable. + extensions?: NullableOption; + // Users and groups that are members of this administrative unit. Supports $expand. + members?: NullableOption; + // Scoped-role members of this administrative unit. + scopedRoleMembers?: NullableOption; +} +export interface AdminMicrosoft365Apps extends Entity { + // A container for tenant-level settings for Microsoft 365 applications. + installationOptions?: NullableOption; +} +export interface AdminReportSettings extends Entity { /** - * Indicates whether the user is pending an exchange mailbox license assignment. Read-only. Supports $filter (eq where - * true only). + * If set to true, all reports will conceal user information such as usernames, groups, and sites. If false, all reports + * will show identifiable information. This property represents a setting in the Microsoft 365 admin center. Required. */ - isLicenseReconciliationNeeded?: NullableOption; + displayConcealedNames?: boolean; +} +export interface AdminTodo extends Entity { + // Company-wide settings for Microsoft Todo. + settings?: TodoSettings; +} +export interface AdminWindows extends Entity { + // Entity that acts as a container for all Windows Update for Business deployment service functionalities. Read-only. + updates?: NullableOption; +} +export interface AdminWindowsUpdates extends Entity { + // Catalog of content that can be approved for deployment by the deployment service. Read-only. + catalog?: NullableOption; + // The set of updatableAsset resources to which a deployment can apply. + deploymentAudiences?: NullableOption; + // Deployments created using the deployment service. + deployments?: NullableOption; + // A collection of Windows products. + products?: NullableOption; + // Service connections to external resources such as analytics workspaces. + resourceConnections?: NullableOption; + // Assets registered with the deployment service that can receive updates. + updatableAssets?: NullableOption; + // A collection of policies for approving the deployment of different content to an audience over time. + updatePolicies?: NullableOption; +} +export interface AdvancedThreatProtectionOnboardingDeviceSettingState extends Entity { + // The DateTime when device compliance grace period expires + complianceGracePeriodExpirationDateTime?: string; + // The Device Id that is being reported + deviceId?: NullableOption; + // The device model that is being reported + deviceModel?: NullableOption; + // The Device Name that is being reported + deviceName?: NullableOption; /** - * true if the user is a member of a restricted management administrative unit, which requires a role scoped to the - * restricted administrative unit to manage. Default value is false. Read-only. To manage a user who is a member of a - * restricted administrative unit, the calling app must be assigned the Directory.Write.Restricted permission. For - * delegated scenarios, the administrators must also be explicitly assigned supported roles at the restricted - * administrative unit scope. + * Device platform type. Possible values are: desktop, windowsRT, winMO6, nokia, windowsPhone, mac, winCE, winEmbedded, + * iPhone, iPad, iPod, android, iSocConsumer, unix, macMDM, holoLens, surfaceHub, androidForWork, androidEnterprise, + * windows10x, androidnGMS, chromeOS, linux, blackberry, palm, unknown, cloudPC. */ - isManagementRestricted?: NullableOption; - // Do not use – reserved for future use. - isResourceAccount?: NullableOption; + platformType?: DeviceType; + // The setting class name and property name. + setting?: NullableOption; + // The Setting Name that is being reported + settingName?: NullableOption; /** - * The user's job title. Maximum length is 128 characters. Supports $filter (eq, ne, not , ge, le, in, startsWith, and eq - * on null values). + * The compliance state of the setting. Possible values are: unknown, notApplicable, compliant, remediated, nonCompliant, + * error, conflict, notAssigned. */ - jobTitle?: NullableOption; + state?: ComplianceStatus; + // The User email address that is being reported + userEmail?: NullableOption; + // The user Id that is being reported + userId?: NullableOption; + // The User Name that is being reported + userName?: NullableOption; + // The User PrincipalName that is being reported + userPrincipalName?: NullableOption; +} +export interface AdvancedThreatProtectionOnboardingStateSummary extends Entity { + // Number of compliant devices + compliantDeviceCount?: number; + // Number of conflict devices + conflictDeviceCount?: number; + // Number of error devices + errorDeviceCount?: number; + // Number of NonCompliant devices + nonCompliantDeviceCount?: number; + // Number of not applicable devices + notApplicableDeviceCount?: number; + // Number of not assigned devices + notAssignedDeviceCount?: number; + // Number of remediated devices + remediatedDeviceCount?: number; + // Number of unknown devices + unknownDeviceCount?: number; + advancedThreatProtectionOnboardingDeviceSettingStates?: NullableOption; +} +export interface AgedAccountsPayable { + agedAsOfDate?: NullableOption; + balanceDue?: NullableOption; + currencyCode?: NullableOption; + currentAmount?: NullableOption; + id?: string; + name?: NullableOption; + period1Amount?: NullableOption; + period2Amount?: NullableOption; + period3Amount?: NullableOption; + periodLengthFilter?: NullableOption; + vendorId?: string; + vendorNumber?: NullableOption; +} +export interface AgedAccountsReceivable { + agedAsOfDate?: NullableOption; + balanceDue?: NullableOption; + currencyCode?: NullableOption; + currentAmount?: NullableOption; + customerId?: string; + customerNumber?: NullableOption; + id?: string; + name?: NullableOption; + period1Amount?: NullableOption; + period2Amount?: NullableOption; + period3Amount?: NullableOption; + periodLengthFilter?: NullableOption; +} +export interface Agreement extends Entity { /** - * When this Microsoft Entra user last changed their password or when their password was created, whichever date the - * latest action was performed. The Timestamp type represents date and time information using ISO 8601 format and is - * always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Returned only on $select. + * Display name of the agreement. The display name is used for internal tracking of the agreement but isn't shown to end + * users who view the agreement. Supports $filter (eq). */ - lastPasswordChangeDateTime?: NullableOption; + displayName?: NullableOption; /** - * Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated - * based on ageGroup and consentProvidedForMinor properties. Allowed values: null, MinorWithOutParentalConsent, - * MinorWithParentalConsent, MinorNoParentalConsentRequired, NotAdult, and Adult. For more information, see legal age - * group property definitions. Returned only on $select. + * This setting enables you to require end users to accept this agreement on every device that they're accessing it from. + * The end user is required to register their device in Microsoft Entra ID, if they haven't already done so. Supports + * $filter (eq). */ - legalAgeGroupClassification?: NullableOption; + isPerDeviceAcceptanceRequired?: NullableOption; + // Indicates whether the user has to expand the agreement before accepting. Supports $filter (eq). + isViewingBeforeAcceptanceRequired?: NullableOption; + // Expiration schedule and frequency of agreement for all users. Supports $filter (eq). + termsExpiration?: NullableOption; /** - * State of license assignments for this user. It also indicates licenses that are directly assigned and the ones the user - * inherited through group memberships. Read-only. Returned only on $select. + * The duration after which the user must reaccept the terms of use. The value is represented in ISO 8601 format for + * durations. */ - licenseAssignmentStates?: NullableOption; + userReacceptRequiredFrequency?: NullableOption; + // Read-only. Information about acceptances of this agreement. + acceptances?: NullableOption; + // Default PDF linked to this agreement. + file?: NullableOption; /** - * The SMTP address for the user, for example, admin@contoso.com. Changes to this property also update the user's - * proxyAddresses collection to include the value as an SMTP address. This property can't contain accent characters. NOTE: - * We don't recommend updating this property for Azure AD B2C user profiles. Use the otherMails property instead. Supports - * $filter (eq, ne, not, ge, le, in, startsWith, endsWith, and eq on null values). + * PDFs linked to this agreement. Note: This property is in the process of being deprecated. Use the file property + * instead. */ - mail?: NullableOption; + files?: NullableOption; +} +export interface AgreementAcceptance extends Entity { + // ID of the agreement file accepted by the user. + agreementFileId?: NullableOption; + // ID of the agreement. + agreementId?: NullableOption; + // The display name of the device used for accepting the agreement. + deviceDisplayName?: NullableOption; + // The unique identifier of the device used for accepting the agreement. Supports $filter (eq) and eq for null values. + deviceId?: NullableOption; + // The operating system used for accepting the agreement. + deviceOSType?: NullableOption; + // The operating system version of the device used for accepting the agreement. + deviceOSVersion?: NullableOption; /** - * The mail alias for the user. This property must be specified when a user is created. Maximum length is 64 characters. - * Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values). + * The expiration date time of the acceptance. The Timestamp type represents date and time information using ISO 8601 + * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter + * (eq, ge, le) and eq for null values. */ - mailNickname?: NullableOption; + expirationDateTime?: NullableOption; /** - * The primary cellular telephone number for the user. Read-only for users synced from the on-premises directory. Supports - * $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values) and $search. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq) and eq for null values. */ - mobilePhone?: NullableOption; + recordedDateTime?: NullableOption; + // Possible values are: accepted, declined. Supports $filter (eq). + state?: NullableOption; + // Display name of the user when the acceptance was recorded. + userDisplayName?: NullableOption; + // Email of the user when the acceptance was recorded. + userEmail?: NullableOption; + // ID of the user who accepted the agreement. Supports $filter (eq). + userId?: NullableOption; + // UPN of the user when the acceptance was recorded. + userPrincipalName?: NullableOption; +} +export interface AgreementFile extends AgreementFileProperties { + // The localized version of the terms of use agreement files attached to the agreement. + localizations?: NullableOption; +} +export interface AgreementFileLocalization extends AgreementFileProperties { + // Read-only. Customized versions of the terms of use agreement in the Microsoft Entra tenant. + versions?: NullableOption; +} +export interface AgreementFileProperties extends Entity { /** - * The office location in the user's place of business. Maximum length is 128 characters. Supports $filter (eq, ne, not, - * ge, le, in, startsWith, and eq on null values). + * The date time representing when the file was created. The Timestamp type represents date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - officeLocation?: NullableOption; + createdDateTime?: NullableOption; /** - * Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers - * synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. + * Localized display name of the policy file of an agreement. The localized display name is shown to end users who view + * the agreement. */ - onPremisesDistinguishedName?: NullableOption; + displayName?: NullableOption; + // Data that represents the terms of use PDF document. Read-only. + fileData?: NullableOption; + // Name of the agreement file (for example, TOU.pdf). Read-only. + fileName?: NullableOption; /** - * Contains the on-premises domainFQDN, also called dnsDomainName synchronized from the on-premises directory. The - * property is only populated for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft - * Entra Connect. Read-only. + * If none of the languages matches the client preference, indicates whether this is the default agreement file. If none + * of the files are marked as default, the first one is treated as the default. Read-only. */ - onPremisesDomainName?: NullableOption; + isDefault?: NullableOption; /** - * Contains extensionAttributes1-15 for the user. These extension attributes are also known as Exchange custom attributes - * 1-15. For an onPremisesSyncEnabled user, the source of authority for this set of properties is the on-premises and is - * read-only. For a cloud-only user (where onPremisesSyncEnabled is false), these properties can be set during the - * creation or update of a user object. For a cloud-only user previously synced from on-premises Active Directory, these - * properties are read-only in Microsoft Graph but can be fully managed through the Exchange Admin Center or the Exchange - * Online V2 module in PowerShell. Supports $filter (eq, ne, not, in). + * Indicates whether the agreement file is a major version update. Major version updates invalidate the agreement's + * acceptances on the corresponding language. */ - onPremisesExtensionAttributes?: NullableOption; + isMajorVersion?: NullableOption; /** - * This property associates an on-premises Active Directory user account to their Microsoft Entra user object. This - * property must be specified when creating a new user account in the Graph if you're using a federated domain for the - * user's userPrincipalName (UPN) property. Note: The $ and _ characters can't be used when specifying this property. - * Supports $filter (eq, ne, not, ge, le, in). + * The language of the agreement file in the format 'languagecode2-country/regioncode2'. 'languagecode2' is a lowercase + * two-letter code derived from ISO 639-1, while 'country/regioncode2' is derived from ISO 3166 and usually consists of + * two uppercase letters, or a BCP-47 language tag. For example, U.S. English is en-US. Read-only. */ - onPremisesImmutableId?: NullableOption; + language?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface AgreementFileVersion extends AgreementFileProperties {} +export interface Alert extends Entity { + // Name or alias of the activity group (attacker) this alert is attributed to. + activityGroupName?: NullableOption; + alertDetections?: NullableOption; + // Name of the analyst the alert is assigned to for triage, investigation, or remediation (supports update). + assignedTo?: NullableOption; + // Azure subscription ID, present if this alert is related to an Azure resource. + azureSubscriptionId?: NullableOption; + // Microsoft Entra tenant ID. Required. + azureTenantId?: string; + // Category of the alert (for example, credentialTheft, ransomware, etc.). + category?: NullableOption; /** - * Indicates the last time at which the object was synced with the on-premises directory; for example: - * '2013-02-16T03:04:54Z'. The Timestamp type represents date and time information using ISO 8601 format and is always in - * UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, - * le, in). + * Time at which the alert was closed. The Timestamp type represents date and time information using ISO 8601 format and + * is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z (supports update). */ - onPremisesLastSyncDateTime?: NullableOption; - // Errors when using Microsoft synchronization product during provisioning. Supports $filter (eq, not, ge, le). - onPremisesProvisioningErrors?: NullableOption; + closedDateTime?: NullableOption; + // Security-related stateful information generated by the provider about the cloud application/s related to this alert. + cloudAppStates?: NullableOption; + // Customer-provided comments on alert (for customer alert management) (supports update). + comments?: NullableOption; + // Confidence of the detection logic (percentage between 1-100). + confidence?: NullableOption; /** - * Contains the on-premises sAMAccountName synchronized from the on-premises directory. The property is only populated for - * customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. - * Supports $filter (eq, ne, not, ge, le, in, startsWith). + * Time at which the alert was created by the alert provider. The Timestamp type represents date and time information + * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Required. */ - onPremisesSamAccountName?: NullableOption; + createdDateTime?: NullableOption; + // Alert description. + description?: NullableOption; + // Set of alerts related to this alert entity (each alert is pushed to the SIEM as a separate record). + detectionIds?: NullableOption; /** - * Contains the on-premises security identifier (SID) for the user synchronized from on-premises to the cloud. Read-only. - * Supports $filter (eq including on null values). + * Time at which the event(s) that served as the trigger(s) to generate the alert occurred. The Timestamp type represents + * date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z. Required. */ - onPremisesSecurityIdentifier?: NullableOption; - // Contains all on-premises Session Initiation Protocol (SIP) information related to the user. Read-only. - onPremisesSipInfo?: NullableOption; + eventDateTime?: NullableOption; /** - * true if this user object is currently being synced from an on-premises Active Directory (AD); otherwise, the user isn't - * being synced and can be managed in Microsoft Entra ID. Read-only. Supports $filter (eq, ne, not, in, and eq on null - * values). + * Analyst feedback on the alert. Possible values are: unknown, truePositive, falsePositive, benignPositive. (supports + * update) */ - onPremisesSyncEnabled?: NullableOption; + feedback?: NullableOption; + // Security-related stateful information generated by the provider about the file(s) related to this alert. + fileStates?: NullableOption; + // A collection of alertHistoryStates comprising an audit log of all updates made to an alert. + historyStates?: NullableOption; + // Security-related stateful information generated by the provider about the host(s) related to this alert. + hostStates?: NullableOption; + // IDs of incidents related to current alert. + incidentIds?: NullableOption; + investigationSecurityStates?: NullableOption; + lastEventDateTime?: NullableOption; /** - * Contains the on-premises userPrincipalName synchronized from the on-premises directory. The property is only populated - * for customers synchronizing their on-premises directory to Microsoft Entra ID via Microsoft Entra Connect. Read-only. - * Supports $filter (eq, ne, not, ge, le, in, startsWith). + * Time at which the alert entity was last modified. The Timestamp type represents date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - onPremisesUserPrincipalName?: NullableOption; + lastModifiedDateTime?: NullableOption; + // Threat Intelligence pertaining to malware related to this alert. + malwareStates?: NullableOption; + messageSecurityStates?: NullableOption; + // Security-related stateful information generated by the provider about the network connection(s) related to this alert. + networkConnections?: NullableOption; + // Security-related stateful information generated by the provider about the process or processes related to this alert. + processes?: NullableOption; /** - * A list of additional email addresses for the user; for example: ['bob@contoso.com', 'Robert@fabrikam.com'].NOTE: This - * property can't contain accent characters.Supports $filter (eq, not, ge, le, in, startsWith, endsWith, /$count eq 0, - * /$count ne 0). + * Vendor/provider recommended action(s) to take as a result of the alert (for example, isolate machine, enforce2FA, + * reimage host). */ - otherMails?: string[]; + recommendedActions?: NullableOption; + // Security-related stateful information generated by the provider about the registry keys related to this alert. + registryKeyStates?: NullableOption; + // Resources related to current alert. For example, for some alerts this can have the Azure Resource value. + securityResources?: NullableOption; + // Alert severity - set by vendor/provider. Possible values are: unknown, informational, low, medium, high. Required. + severity?: AlertSeverity; /** - * Specifies password policies for the user. This value is an enumeration with one possible value being - * DisableStrongPassword, which allows weaker passwords than the default policy to be specified. DisablePasswordExpiration - * can also be specified. The two may be specified together; for example: DisablePasswordExpiration, - * DisableStrongPassword. For more information on the default password policies, see Microsoft Entra password policies. - * Supports $filter (ne, not, and eq on null values). + * Hyperlinks (URIs) to the source material related to the alert, for example, provider's user interface for alerts or log + * search, etc. */ - passwordPolicies?: NullableOption; + sourceMaterials?: NullableOption; /** - * Specifies the password profile for the user. The profile contains the user's password. This property is required when a - * user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies - * property. By default, a strong password is required. Supports $filter (eq, ne, not, in, and eq on null values). + * Alert lifecycle status (stage). Possible values are: unknown, newAlert, inProgress, resolved. (supports update). + * Required. */ - passwordProfile?: NullableOption; + status?: AlertStatus; /** - * The postal code for the user's postal address. The postal code is specific to the user's country/region. In the United - * States of America, this attribute contains the ZIP code. Maximum length is 40 characters. Supports $filter (eq, ne, - * not, ge, le, in, startsWith, and eq on null values). + * User-definable labels that can be applied to an alert and can serve as filter conditions (for example 'HVA', 'SAW', + * etc.) (supports update). */ - postalCode?: NullableOption; - // The preferred data location for the user. For more information, see OneDrive Online Multi-Geo. - preferredDataLocation?: NullableOption; + tags?: NullableOption; + // Alert title. Required. + title?: NullableOption; /** - * The preferred language for the user. The preferred language format is based on RFC 4646. The name combines an ISO 639 - * two-letter lowercase culture code associated with the language and an ISO 3166 two-letter uppercase subculture code - * associated with the country or region. Example: 'en-US', or 'es-ES'. Supports $filter (eq, ne, not, ge, le, in, - * startsWith, and eq on null values). + * Security-related information about the specific properties that triggered the alert (properties appearing in the + * alert). Alerts might contain information about multiple users, hosts, files, ip addresses. This field indicates which + * properties triggered the alert generation. */ - preferredLanguage?: NullableOption; - // The plans that are provisioned for the user. Read-only. Not nullable. Supports $filter (eq, not, ge, le). - provisionedPlans?: ProvisionedPlan[]; + triggers?: NullableOption; + uriClickSecurityStates?: NullableOption; + // Security-related stateful information generated by the provider about the user accounts related to this alert. + userStates?: NullableOption; /** - * For example: ['SMTP: bob@contoso.com', 'smtp: bob@sales.contoso.com']. Changes to the mail property also update this - * collection to include the value as an SMTP address. For more information, see mail and proxyAddresses properties. The - * proxy address prefixed with SMTP (capitalized) is the primary proxy address, while the ones prefixed with smtp are the - * secondary proxy addresses. For Azure AD B2C accounts, this property has a limit of 10 unique addresses. Read-only in - * Microsoft Graph; you can update this property only through the Microsoft 365 admin center. Not nullable. Supports - * $filter (eq, not, ge, le, startsWith, endsWith, /$count eq 0, /$count ne 0). + * Complex type containing details about the security product/service vendor, provider, and subprovider (for example, + * vendor=Microsoft; provider=Windows Defender ATP; subProvider=AppLocker). Required. */ - proxyAddresses?: string[]; + vendorInformation?: NullableOption; + // Threat intelligence pertaining to one or more vulnerabilities related to this alert. + vulnerabilityStates?: NullableOption; +} +export interface AllowedDataLocation extends Entity { + appId?: NullableOption; + domain?: NullableOption; + isDefault?: NullableOption; + location?: NullableOption; +} +export interface AllowedValue extends Entity { /** - * Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications get an - * error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as - * Microsoft Graph). If it happens, the application must acquire a new refresh token by requesting the authorized - * endpoint. Read-only. Use invalidateAllRefreshTokens to reset. + * Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be + * assigned to any more supported directory objects. */ - refreshTokensValidFromDateTime?: NullableOption; + isActive?: NullableOption; +} +export interface AndroidCertificateProfileBase extends DeviceConfiguration { + // Scale for the Certificate Validity Period. Possible values are: days, months, years. + certificateValidityPeriodScale?: CertificateValidityPeriodScale; + // Value for the Certificate Validity Period. + certificateValidityPeriodValue?: number; + // Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements. + extendedKeyUsages?: ExtendedKeyUsage[]; + // Certificate renewal threshold percentage. Valid values 1 to 99 + renewalThresholdPercentage?: number; /** - * Security identifier (SID) of the user, used in Windows scenarios. Read-only. Returned by default. Supports $select and - * $filter (eq, not, ge, le, startsWith). + * Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, + * customAzureADAttribute, domainNameService, universalResourceIdentifier. */ - securityIdentifier?: NullableOption; + subjectAlternativeNameType?: SubjectAlternativeNameType; /** - * Errors published by a federated service describing a nontransient, service-specific error regarding the properties or - * link from a user object. + * Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, + * commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, + * commonNameAsDurableDeviceId. */ - serviceProvisioningErrors?: NullableOption; + subjectNameFormat?: SubjectNameFormat; + // Trusted Root Certificate. + rootCertificate?: NullableOption; +} +export interface AndroidCompliancePolicy extends DeviceCompliancePolicy { /** - * Do not use in Microsoft Graph. Manage this property through the Microsoft 365 admin center instead. Represents whether - * the user should be included in the Outlook global address list. See Known issue. + * MDATP Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, + * secured, low, medium, high, notSet. */ - showInAddressList?: NullableOption; + advancedThreatProtectionRequiredSecurityLevel?: DeviceThreatProtectionLevel; + // Condition statement id. + conditionStatementId?: NullableOption; + // Require that devices have enabled device threat protection. + deviceThreatProtectionEnabled?: boolean; /** - * Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications get an - * error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as - * Microsoft Graph). If this happens, the application must acquire a new refresh token by requesting the authorized - * endpoint. Read-only. Use revokeSignInSessions to reset. + * Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, secured, + * low, medium, high, notSet. */ - signInSessionsValidFromDateTime?: NullableOption; + deviceThreatProtectionRequiredSecurityLevel?: DeviceThreatProtectionLevel; + // Minimum Android security patch level. + minAndroidSecurityPatchLevel?: NullableOption; + // Maximum Android version. + osMaximumVersion?: NullableOption; + // Minimum Android version. + osMinimumVersion?: NullableOption; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum password length. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before a password is required. + passwordMinutesOfInactivityBeforeLock?: NullableOption; + // Number of previous passwords to block. Valid values 1 to 24 + passwordPreviousPasswordBlockCount?: NullableOption; + // Require a password to unlock device. + passwordRequired?: boolean; /** - * The state or province in the user's address. Maximum length is 128 characters. Supports $filter (eq, ne, not, ge, le, - * in, startsWith, and eq on null values). + * Type of characters in password. Possible values are: deviceDefault, alphabetic, alphanumeric, alphanumericWithSymbols, + * lowSecurityBiometric, numeric, numericComplex, any. */ - state?: NullableOption; + passwordRequiredType?: AndroidRequiredPasswordType; + // Number of sign-in failures allowed before factory reset. Valid values 1 to 16 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; /** - * The street address of the user's place of business. Maximum length is 1024 characters. Supports $filter (eq, ne, not, - * ge, le, in, startsWith, and eq on null values). + * Indicates the required password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API targeted to + * Android 11+. Possible values are: none, low, medium, high. */ - streetAddress?: NullableOption; + requiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Require the device to not have the specified apps installed. This collection can contain a maximum of 100 elements. + restrictedApps?: NullableOption; + // Block device administrator managed devices. + securityBlockDeviceAdministratorManagedDevices?: boolean; + // Devices must not be jailbroken or rooted. + securityBlockJailbrokenDevices?: boolean; + // Disable USB debugging on Android devices. + securityDisableUsbDebugging?: boolean; + // Require that devices disallow installation of apps from unknown sources. + securityPreventInstallAppsFromUnknownSources?: boolean; + // Require the device to pass the Company Portal client app runtime integrity check. + securityRequireCompanyPortalAppIntegrity?: boolean; + // Require Google Play Services to be installed and enabled on the device. + securityRequireGooglePlayServices?: boolean; + // Require the device to pass the SafetyNet basic integrity check. + securityRequireSafetyNetAttestationBasicIntegrity?: boolean; + // Require the device to pass the SafetyNet certified device check. + securityRequireSafetyNetAttestationCertifiedDevice?: boolean; /** - * The user's surname (family name or last name). Maximum length is 64 characters. Supports $filter (eq, ne, not, ge, le, - * in, startsWith, and eq on null values). + * Require the device to have up to date security providers. The device will require Google Play Services to be enabled + * and up to date. */ - surname?: NullableOption; + securityRequireUpToDateSecurityProviders?: boolean; + // Require the Android Verify apps feature is turned on. + securityRequireVerifyApps?: boolean; + // Require encryption on Android devices. + storageRequireEncryption?: boolean; +} +export interface AndroidCustomConfiguration extends DeviceConfiguration { + // OMA settings. This collection can contain a maximum of 1000 elements. + omaSettings?: NullableOption; +} +export interface AndroidDeviceComplianceLocalActionBase extends Entity { + // Number of minutes to wait till a local action is enforced. Valid values 0 to 2147483647 + gracePeriodInMinutes?: number; +} +// tslint:disable-next-line: no-empty-interface +export interface AndroidDeviceComplianceLocalActionLockDevice extends AndroidDeviceComplianceLocalActionBase {} +export interface AndroidDeviceComplianceLocalActionLockDeviceWithPasscode extends AndroidDeviceComplianceLocalActionBase { + // Passcode to reset to Android device. This property is read-only. + passcode?: NullableOption; + // Number of sign in failures before wiping device, the value can be 4-11. Valid values 4 to 11 + passcodeSignInFailureCountBeforeWipe?: NullableOption; +} +export interface AndroidDeviceOwnerCertificateProfileBase extends DeviceConfiguration { + // Scale for the Certificate Validity Period. Possible values are: days, months, years. + certificateValidityPeriodScale?: CertificateValidityPeriodScale; + // Value for the Certificate Validity Period. + certificateValidityPeriodValue?: number; + // Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements. + extendedKeyUsages?: ExtendedKeyUsage[]; + // Certificate renewal threshold percentage. Valid values 1 to 99 + renewalThresholdPercentage?: number; /** - * A two-letter country code (ISO standard 3166). Required for users that are assigned licenses due to legal requirements - * to check for availability of services in countries. Examples include: US, JP, and GB. Not nullable. Supports $filter - * (eq, ne, not, ge, le, in, startsWith, and eq on null values). + * Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, + * customAzureADAttribute, domainNameService, universalResourceIdentifier. */ - usageLocation?: NullableOption; + subjectAlternativeNameType?: NullableOption; /** - * The user principal name (UPN) of the user. The UPN is an Internet-style sign-in name for the user based on the Internet - * standard RFC 822. By convention, this should map to the user's email name. The general format is alias@domain, where - * the domain must be present in the tenant's verified domain collection. This property is required when a user is - * created. The verified domains for the tenant can be accessed from the verifiedDomains property of organization.NOTE: - * This property can't contain accent characters. Only the following characters are allowed A - Z, a - z, 0 - 9, ' . - _ ! - * # ^ ~. For the complete list of allowed characters, see username policies. Supports $filter (eq, ne, not, ge, le, in, - * startsWith, endsWith) and $orderby. + * Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, + * commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, + * commonNameAsDurableDeviceId. */ - userPrincipalName?: NullableOption; + subjectNameFormat?: NullableOption; + // Trusted Root Certificate. + rootCertificate?: NullableOption; +} +export interface AndroidDeviceOwnerCompliancePolicy extends DeviceCompliancePolicy { /** - * A String value that can be used to classify user types in your directory, such as Member and Guest. Supports $filter - * (eq, ne, not, in, and eq on null values). NOTE: For more information about the permissions for member and guest users, - * see What are the default user permissions in Microsoft Entra ID? + * MDATP Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, + * secured, low, medium, high, notSet. */ - userType?: NullableOption; + advancedThreatProtectionRequiredSecurityLevel?: NullableOption; + // Require that devices have enabled device threat protection. + deviceThreatProtectionEnabled?: NullableOption; /** - * Settings for the primary mailbox of the signed-in user. You can get or update settings for sending automatic replies to - * incoming messages, locale, and time zone. For more information, see User preferences for languages and regional - * formats. Returned only on $select. + * Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, secured, + * low, medium, high, notSet. */ - mailboxSettings?: NullableOption; - // The limit on the maximum number of devices that the user is permitted to enroll. Allowed values are 5 or 1000. - deviceEnrollmentLimit?: number; - print?: NullableOption; - // A freeform text entry field for users to describe themselves. Returned only on $select. - aboutMe?: NullableOption; + deviceThreatProtectionRequiredSecurityLevel?: NullableOption; + // Minimum Android security patch level. + minAndroidSecurityPatchLevel?: NullableOption; + // Maximum Android version. + osMaximumVersion?: NullableOption; + // Minimum Android version. + osMinimumVersion?: NullableOption; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum password length. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Indicates the minimum number of letter characters required for device password. Valid values 1 to 16 + passwordMinimumLetterCharacters?: NullableOption; + // Indicates the minimum number of lower case characters required for device password. Valid values 1 to 16 + passwordMinimumLowerCaseCharacters?: NullableOption; + // Indicates the minimum number of non-letter characters required for device password. Valid values 1 to 16 + passwordMinimumNonLetterCharacters?: NullableOption; + // Indicates the minimum number of numeric characters required for device password. Valid values 1 to 16 + passwordMinimumNumericCharacters?: NullableOption; + // Indicates the minimum number of symbol characters required for device password. Valid values 1 to 16 + passwordMinimumSymbolCharacters?: NullableOption; + // Indicates the minimum number of upper case letter characters required for device password. Valid values 1 to 16 + passwordMinimumUpperCaseCharacters?: NullableOption; + // Minutes of inactivity before a password is required. + passwordMinutesOfInactivityBeforeLock?: NullableOption; + // Number of previous passwords to block. Valid values 1 to 24 + passwordPreviousPasswordCountToBlock?: NullableOption; + // Require a password to unlock device. + passwordRequired?: NullableOption; /** - * The birthday of the user. The Timestamp type represents date and time information using ISO 8601 format and is always - * in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z Returned only on $select. + * Type of characters in password. Possible values are: deviceDefault, required, numeric, numericComplex, alphabetic, + * alphanumeric, alphanumericWithSymbols, lowSecurityBiometric, customPassword. */ - birthday?: string; + passwordRequiredType?: NullableOption; + // Require device to have no pending Android system updates. + requireNoPendingSystemUpdates?: NullableOption; + // Require a specific Play Integrity evaluation type for compliance. Possible values are: basic, hardwareBacked. + securityRequiredAndroidSafetyNetEvaluationType?: NullableOption; /** - * The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always - * in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned only on $select. Note: This property - * is specific to SharePoint Online. We recommend using the native employeeHireDate property to set and update hire date - * values using Microsoft Graph APIs. + * If setting is set to true, checks that the Intune app installed on fully managed, dedicated, or corporate-owned work + * profile Android Enterprise enrolled devices, is the one provided by Microsoft from the Managed Google Playstore. If the + * check fails, the device will be reported as non-compliant. */ - hireDate?: string; - // A list for users to describe their interests. Returned only on $select. - interests?: NullableOption; - // The URL for the user's site. Returned only on $select. - mySite?: NullableOption; - // A list for users to enumerate their past projects. Returned only on $select. - pastProjects?: NullableOption; - // The preferred name for the user. Not Supported. This attribute returns an empty string.Returned only on $select. - preferredName?: NullableOption; - // A list for the user to enumerate their responsibilities. Returned only on $select. - responsibilities?: NullableOption; - // A list for the user to enumerate the schools they have attended. Returned only on $select. - schools?: NullableOption; - // A list for the user to enumerate their skills. Returned only on $select. - skills?: NullableOption; - analytics?: NullableOption; - cloudPCs?: NullableOption; - // Represents the usage rights a user has been granted. - usageRights?: NullableOption; - informationProtection?: NullableOption; - appRoleAssignedResources?: NullableOption; - // Represents the app roles a user has been granted for an application. Supports $expand. - appRoleAssignments?: NullableOption; - // Directory objects that the user created. Read-only. Nullable. - createdObjects?: NullableOption; + securityRequireIntuneAppIntegrity?: NullableOption; + // Require the device to pass the Play Integrity basic integrity check. + securityRequireSafetyNetAttestationBasicIntegrity?: NullableOption; + // Require the device to pass the Play Integrity device integrity check. + securityRequireSafetyNetAttestationCertifiedDevice?: NullableOption; + // Require encryption on Android devices. + storageRequireEncryption?: NullableOption; +} +export interface AndroidDeviceOwnerDerivedCredentialAuthenticationConfiguration extends DeviceConfiguration { + // Certificate access type. Possible values are: userApproval, specificApps, unknownFutureValue. + certificateAccessType?: NullableOption; + // Certificate access information. This collection can contain a maximum of 50 elements. + silentCertificateAccessDetails?: NullableOption; + // Tenant level settings for the Derived Credentials to be used for authentication. + derivedCredentialSettings?: NullableOption; +} +export interface AndroidDeviceOwnerEnrollmentProfile extends Entity { + // Tenant GUID the enrollment profile belongs to. + accountId?: NullableOption; /** - * The users and contacts that report to the user. (The users and contacts with their manager property set to this user.) - * Read-only. Nullable. Supports $expand. + * Boolean that indicates that the Wi-Fi network should be configured during device provisioning. When set to TRUE, device + * provisioning will use Wi-Fi related properties to automatically connect to Wi-Fi networks. When set to FALSE or + * undefined, other Wi-Fi related properties will be ignored. Default value is TRUE. Returned by default. */ - directReports?: NullableOption; - licenseDetails?: NullableOption; - // The user or contact that is this user's manager. Read-only. (HTTP Methods: GET, PUT, DELETE.). Supports $expand. - manager?: NullableOption; + configureWifi?: boolean; + // Date time the enrollment profile was created. + createdDateTime?: string; + // Description for the enrollment profile. + description?: NullableOption; + // Display name for the enrollment profile. + displayName?: NullableOption; + // Total number of Android devices that have enrolled using this enrollment profile. + enrolledDeviceCount?: number; /** - * The groups, directory roles, and administrative units that the user is a member of. Read-only. Nullable. Supports - * $expand. + * The enrollment mode of devices that use this enrollment profile. Possible values are: corporateOwnedDedicatedDevice, + * corporateOwnedFullyManaged, corporateOwnedWorkProfile, corporateOwnedAOSPUserlessDevice, + * corporateOwnedAOSPUserAssociatedDevice. */ - memberOf?: NullableOption; - oauth2PermissionGrants?: NullableOption; - // Devices owned by the user. Read-only. Nullable. Supports $expand. - ownedDevices?: NullableOption; + enrollmentMode?: AndroidDeviceOwnerEnrollmentMode; /** - * Directory objects owned by the user. Read-only. Nullable. Supports $expand, $select nested in $expand, and $filter - * (/$count eq 0, /$count ne 0, /$count eq 1, /$count ne 1). + * The enrollment token type for an enrollment profile. Possible values are: default, + * corporateOwnedDedicatedDeviceWithAzureADSharedMode, deviceStaging. */ - ownedObjects?: NullableOption; - // Devices that are registered for the user. Read-only. Nullable. Supports $expand and returns up to 100 objects. - registeredDevices?: NullableOption; - // The scoped-role administrative unit memberships for this user. Read-only. Nullable. - scopedRoleMemberOf?: NullableOption; + enrollmentTokenType?: AndroidDeviceOwnerEnrollmentTokenType; + // Total number of AOSP devices that have enrolled using the current token. + enrollmentTokenUsageCount?: number; + // Boolean indicating if this profile is an Android AOSP for Teams device profile. + isTeamsDeviceProfile?: boolean; + // Date time the enrollment profile was last modified. + lastModifiedDateTime?: string; + // String used to generate a QR code for the token. + qrCodeContent?: NullableOption; + // String used to generate a QR code for the token. + qrCodeImage?: NullableOption; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; + // Date time the most recently created token was created. + tokenCreationDateTime?: string; + // Date time the most recently created token will expire. + tokenExpirationDateTime?: string; + // Value of the most recently created token for this enrollment profile. + tokenValue?: NullableOption; + // Boolean that indicates if hidden wifi networks are enabled + wifiHidden?: boolean; + // String that contains the wi-fi login password + wifiPassword?: NullableOption; + // String that contains the wi-fi security type. Possible values are: none, wpa, wep. + wifiSecurityType?: AospWifiSecurityType; + // String that contains the wi-fi login ssid + wifiSsid?: NullableOption; +} +export interface AndroidDeviceOwnerEnterpriseWiFiConfiguration extends AndroidDeviceOwnerWiFiConfiguration { /** - * The users and groups responsible for this guest user's privileges in the tenant and keep the guest user's information - * and access updated. (HTTP Methods: GET, POST, DELETE.). Supports $expand. + * Indicates the Authentication Method the client (device) needs to use when the EAP Type is configured to PEAP or + * EAP-TTLS. Possible values are: certificate, usernameAndPassword, derivedCredential. */ - sponsors?: NullableOption; - // The groups, including nested groups and directory roles that a user is a member of. Nullable. - transitiveMemberOf?: NullableOption; - // The transitive reports for a user. Read-only. - transitiveReports?: NullableOption; - // The user's primary calendar. Read-only. - calendar?: NullableOption; - // The user's calendar groups. Read-only. Nullable. - calendarGroups?: NullableOption; - // The user's calendars. Read-only. Nullable. - calendars?: NullableOption; - // The calendar view for the calendar. Read-only. Nullable. - calendarView?: NullableOption; - // The user's contacts folders. Read-only. Nullable. - contactFolders?: NullableOption; - // The user's contacts. Read-only. Nullable. - contacts?: NullableOption; - // The user's events. The default is to show events under the Default Calendar. Read-only. Nullable. - events?: NullableOption; + authenticationMethod?: NullableOption; + // Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, eapTtls, peap. + eapType?: AndroidEapType; /** - * Relevance classification of the user's messages based on explicit designations that override inferred relevance or - * importance. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is EAP-TTLS and Authenticationmethod is Username and + * Password. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, + * microsoftChapVersionTwo. */ - inferenceClassification?: NullableOption; - joinedGroups?: NullableOption; - // The user's mail folders. Read-only. Nullable. - mailFolders?: NullableOption; - // The messages in a mailbox or folder. Read-only. Nullable. - messages?: NullableOption; - // Selective Outlook services available to the user. Read-only. Nullable. - outlook?: NullableOption; + innerAuthenticationProtocolForEapTtls?: NullableOption; /** - * Read-only. The most relevant people to the user. The collection is ordered by their relevance to the user, which is - * determined by the user's communication, collaboration, and business relationships. A person aggregates information from - * mail, contacts, and social networks. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is PEAP and Authenticationmethod is Username and + * Password. Possible values are: none, microsoftChapVersionTwo. */ - people?: NullableOption; - // The user's OneDrive. Read-only. - drive?: NullableOption; - // A collection of drives available for this user. Read-only. - drives?: NullableOption; - followedSites?: NullableOption; - // The collection of open extensions defined for the user. Supports $expand. Nullable. - extensions?: NullableOption; - appConsentRequestsForApproval?: NullableOption; - approvals?: NullableOption; - // Navigation property to get a list of access reviews pending approval by the reviewer. - pendingAccessReviewInstances?: NullableOption; - // The user's terms of use acceptance statuses. Read-only. Nullable. - agreementAcceptances?: NullableOption; - security?: NullableOption; - // Get enrollment configurations targeted to the user - deviceEnrollmentConfigurations?: NullableOption; - // The managed devices associated with the user. - managedDevices?: NullableOption; - // Zero or more managed app registrations that belong to the user. - managedAppRegistrations?: NullableOption; - // Zero or more WIP device registrations that belong to the user. - windowsInformationProtectionDeviceRegistrations?: NullableOption; - // The list of troubleshooting events for this user. - deviceManagementTroubleshootingEvents?: NullableOption; - // The list of troubleshooting events for this user. - mobileAppIntentAndStates?: NullableOption; - // The list of mobile app troubleshooting events for this user. - mobileAppTroubleshootingEvents?: NullableOption; - notifications?: NullableOption; - // Selective Planner services available to the user. Read-only. Nullable. - planner?: NullableOption; - insights?: NullableOption; - settings?: NullableOption; - onenote?: NullableOption; - // The user's profile photo. Read-only. - photo?: NullableOption; - // The collection of the user's profile photos in different sizes. Read-only. - photos?: NullableOption; - // Represents properties that are descriptive of a user in a tenant. - profile?: NullableOption; - // The user's activities across devices. Read-only. Nullable. - activities?: NullableOption; - devices?: NullableOption; - // Information about a meeting, including the URL used to join a meeting, the attendees list, and the description. - onlineMeetings?: NullableOption; - presence?: NullableOption; - virtualEvents?: NullableOption; - // The authentication methods that are supported for the user. - authentication?: NullableOption; - chats?: NullableOption; - // The Microsoft Teams teams the user is a member of. Read-only. Nullable. - joinedTeams?: NullableOption; - // List all resource-specific permission grants of a user. - permissionGrants?: NullableOption; - // A container for Microsoft Teams features available for the user. Read-only. Nullable. - teamwork?: NullableOption; - // Represents the To Do services available to a user. - todo?: NullableOption; - employeeExperience?: NullableOption; -} -export interface UserAnalytics extends Entity { - // The current settings for a user to use the analytics API. - settings?: NullableOption; - // The collection of work activities that a user spent time on during and outside of working hours. Read-only. Nullable. - activityStatistics?: NullableOption; -} -export interface CloudPC extends Entity { - // The Microsoft Entra device ID of the Cloud PC. - aadDeviceId?: NullableOption; - connectionSettings?: NullableOption; + innerAuthenticationProtocolForPeap?: NullableOption; /** - * The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC can be - * connected. + * Enable identity privacy (Outer Identity) when EAP Type is configured to EAP-TTLS or PEAP. The String provided here is + * used to mask the username of individual users when they attempt to connect to Wi-Fi network. */ - connectivityResult?: NullableOption; + outerIdentityPrivacyTemporaryValue?: NullableOption; /** - * The disk encryption applied to the Cloud PC. Possible values: notAvailable, notEncrypted, - * encryptedUsingPlatformManagedKey, encryptedUsingCustomerManagedKey, and unknownFutureValue. + * Trusted server certificate names when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP. This is the common name used + * in the certificates issued by your trusted certificate authority (CA). If you provide this information, you can bypass + * the dynamic trust dialog that is displayed on end users' devices when they connect to this Wi-Fi network. */ - diskEncryptionState?: NullableOption; - // The display name of the Cloud PC. - displayName?: NullableOption; + trustedServerCertificateNames?: NullableOption; + // Tenant level settings for the Derived Credentials to be used for authentication. + derivedCredentialSettings?: NullableOption; /** - * The date and time when the grace period ends and reprovisioning or deprovisioning happen. Required only if the status - * is inGracePeriod. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight - * UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Identity Certificate for client authentication when EAP Type is configured to EAP-TLS, EAP-TTLS (with Certificate + * Authentication), or PEAP (with Certificate Authentication). This is the certificate presented by client to the Wi-Fi + * endpoint. The authentication server sitting behind the Wi-Fi endpoint must accept this certificate to successfully + * establish a Wi-Fi connection. */ - gracePeriodEndDateTime?: NullableOption; - // Name of the OS image that's on the Cloud PC. - imageDisplayName?: NullableOption; - // The last login result of the Cloud PC. For example, { 'time': '2014-01-01T00:00:00Z'}. - lastLoginResult?: NullableOption; + identityCertificateForClientAuthentication?: NullableOption; /** - * The last modified date and time of the Cloud PC. The Timestamp type represents date and time information using ISO 8601 - * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Trusted Root Certificate for Server Validation when EAP Type is configured to EAP-TLS, EAP-TTLS or PEAP. This is the + * certificate presented by the Wi-Fi endpoint when the device attempts to connect to Wi-Fi endpoint. The device (or user) + * must accept this certificate to continue the connection attempt. */ - lastModifiedDateTime?: string; + rootCertificateForServerValidation?: NullableOption; +} +export interface AndroidDeviceOwnerGeneralDeviceConfiguration extends DeviceConfiguration { + // Indicates whether or not adding or removing accounts is disabled. + accountsBlockModification?: NullableOption; /** - * The last remote action result of the enterprise Cloud PCs. The supported remote actions are: Reboot, Rename, - * Reprovision, Restore, and Troubleshoot. + * Specifies the list of managed apps with app details and its associated delegated scope(s). This collection can contain + * a maximum of 500 elements. */ - lastRemoteActionResult?: NullableOption; - // The Intune device ID of the Cloud PC. - managedDeviceId?: NullableOption; - // The Intune device name of the Cloud PC. - managedDeviceName?: NullableOption; - // The Azure network connection that is applied during the provisioning of Cloud PCs. - onPremisesConnectionName?: NullableOption; + androidDeviceOwnerDelegatedScopeAppSettings?: NullableOption; + // Indicates whether or not the user is allowed to enable to unknown sources setting. + appsAllowInstallFromUnknownSources?: NullableOption; /** - * The version of the operating system (OS) to provision on Cloud PCs. Possible values are: windows10, windows11, and - * unknownFutureValue. + * Indicates the value of the app auto update policy. Possible values are: notConfigured, userChoice, never, wiFiOnly, + * always. */ - osVersion?: NullableOption; - // The results of every partner agent's installation status on Cloud PC. - partnerAgentInstallResults?: NullableOption; + appsAutoUpdatePolicy?: NullableOption; /** - * The power state of a Cloud PC. The possible values are: running, poweredOff and unknown. This property only supports - * shift work Cloud PCs. + * Indicates the permission policy for requests for runtime permissions if one is not defined for the app specifically. + * Possible values are: deviceDefault, prompt, autoGrant, autoDeny. */ - powerState?: NullableOption; - // The provisioning policy ID of the Cloud PC. - provisioningPolicyId?: NullableOption; - // The provisioning policy that is applied during the provisioning of Cloud PCs. - provisioningPolicyName?: NullableOption; + appsDefaultPermissionPolicy?: NullableOption; + // Whether or not to recommend all apps skip any first-time-use hints they may have added. + appsRecommendSkippingFirstUseHints?: NullableOption; /** - * The type of licenses to be used when provisioning Cloud PCs using this policy. Possible values are: dedicated, shared, - * unknownFutureValue. Default value is dedicated. + * A list of managed apps that will have their data cleared during a global sign-out in AAD shared device mode. This + * collection can contain a maximum of 500 elements. */ - provisioningType?: NullableOption; - scopeIds?: NullableOption; - // The service plan ID of the Cloud PC. - servicePlanId?: NullableOption; - // The service plan name of the Cloud PC. - servicePlanName?: NullableOption; - // The service plan type of the Cloud PC. - servicePlanType?: NullableOption; + azureAdSharedDeviceDataClearApps?: NullableOption; + // Indicates whether or not to block a user from configuring bluetooth. + bluetoothBlockConfiguration?: NullableOption; + // Indicates whether or not to block a user from sharing contacts via bluetooth. + bluetoothBlockContactSharing?: NullableOption; + // Indicates whether or not to disable the use of the camera. + cameraBlocked?: NullableOption; + // Indicates whether or not to block Wi-Fi tethering. + cellularBlockWiFiTethering?: NullableOption; + // Indicates whether or not to block users from any certificate credential configuration. + certificateCredentialConfigurationDisabled?: NullableOption; + // Indicates whether or not text copied from one profile (personal or work) can be pasted in the other. + crossProfilePoliciesAllowCopyPaste?: NullableOption; /** - * The status of the Cloud PC. Possible values are: notProvisioned, provisioning, provisioned, upgrading, inGracePeriod, - * deprovisioning, failed, restoring. + * Indicates whether data from one profile (personal or work) can be shared with apps in the other profile. Possible + * values are: notConfigured, crossProfileDataSharingBlocked, dataSharingFromWorkToPersonalBlocked, + * crossProfileDataSharingAllowed, unkownFutureValue. */ - status?: CloudPcStatus; - // The details of the Cloud PC status. - statusDetails?: NullableOption; + crossProfilePoliciesAllowDataSharing?: NullableOption; + // Indicates whether or not contacts stored in work profile are shown in personal profile contact searches/incoming calls. + crossProfilePoliciesShowWorkContactsInPersonalProfile?: NullableOption; + // Indicates whether or not to block a user from data roaming. + dataRoamingBlocked?: NullableOption; + // Indicates whether or not to block the user from manually changing the date or time on the device + dateTimeConfigurationBlocked?: NullableOption; /** - * The account type of the user on provisioned Cloud PCs. Possible values are: standardUser, administrator, and - * unknownFutureValue. - */ - userAccountType?: NullableOption; - // The user principal name (UPN) of the user assigned to the Cloud PC. - userPrincipalName?: NullableOption; -} -export interface UsageRight extends Entity { - // Product id corresponding to the usage right. - catalogId?: string; - // Identifier of the service corresponding to the usage right. - serviceIdentifier?: string; - // The state of the usage right. Possible values are: active, inactive, warning, suspended. - state?: UsageRightState; -} -// tslint:disable-next-line: interface-name -export interface InformationProtection extends Entity { - bitlocker?: NullableOption; - dataLossPreventionPolicies?: NullableOption; - sensitivityLabels?: NullableOption; - sensitivityPolicySettings?: NullableOption; - policy?: NullableOption; - threatAssessmentRequests?: NullableOption; -} -export interface ServicePrincipal extends DirectoryObject { + * Represents the customized detailed help text provided to users when they attempt to modify managed settings on their + * device. + */ + detailedHelpText?: NullableOption; /** - * The collection for settings related to password single sign-on. Use $select=passwordSingleSignOnSettings to read the - * property. Read-only for applicationTemplates except for custom applicationTemplates. + * Indicates the location setting configuration for fully managed devices (COBO) and corporate owned devices with a work + * profile (COPE). Possible values are: notConfigured, disabled, unknownFutureValue. */ - passwordSingleSignOnSettings?: NullableOption; + deviceLocationMode?: NullableOption; /** - * true if the service principal account is enabled; otherwise, false. If set to false, then no users will be able to sign - * in to this app, even if they are assigned to it. Supports $filter (eq, ne, not, in). + * Represents the customized lock screen message provided to users when they attempt to modify managed settings on their + * device. */ - accountEnabled?: NullableOption; + deviceOwnerLockScreenMessage?: NullableOption; /** - * Defines custom behavior that a consuming service can use to call an app in specific contexts. For example, applications - * that can render file streams may set the addIns property for its 'FileHandler' functionality. This will let services - * like Microsoft 365 call the application in the context of a document the user is working on. + * Indicates which enrollment profile you want to configure. Possible values are: notConfigured, dedicatedDevice, + * fullyManaged. */ - addIns?: AddIn[]; + enrollmentProfile?: AndroidDeviceOwnerEnrollmentProfileType; + // Indicates whether or not the factory reset option in settings is disabled. + factoryResetBlocked?: NullableOption; /** - * Used to retrieve service principals by subscription, identify resource group and full resource ids for managed - * identities. Supports $filter (eq, not, ge, le, startsWith). + * List of Google account emails that will be required to authenticate after a device is factory reset before it can be + * set up. */ - alternativeNames?: string[]; - // The description exposed by the associated application. - appDescription?: NullableOption; - // The display name exposed by the associated application. - appDisplayName?: NullableOption; + factoryResetDeviceAdministratorEmails?: NullableOption; + // Proxy is set up directly with host, port and excluded hosts. + globalProxy?: NullableOption; + // Indicates whether or not google accounts will be blocked. + googleAccountsBlocked?: NullableOption; + // Indicates whether a user can access the device's Settings app while in Kiosk Mode. + kioskCustomizationDeviceSettingsBlocked?: NullableOption; + // Whether the power menu is shown when a user long presses the Power button of a device in Kiosk Mode. + kioskCustomizationPowerButtonActionsBlocked?: NullableOption; /** - * The unique identifier for the associated application (its appId property). Alternate key. Supports $filter (eq, ne, - * not, in, startsWith). + * Indicates whether system info and notifications are disabled in Kiosk Mode. Possible values are: notConfigured, + * notificationsAndSystemInfoEnabled, systemInfoOnly. */ - appId?: NullableOption; + kioskCustomizationStatusBar?: NullableOption; + // Indicates whether system error dialogs for crashed or unresponsive apps are shown in Kiosk Mode. + kioskCustomizationSystemErrorWarnings?: NullableOption; /** - * Unique identifier of the applicationTemplate that the servicePrincipal was created from. Read-only. Supports $filter - * (eq, ne, NOT, startsWith). + * Indicates which navigation features are enabled in Kiosk Mode. Possible values are: notConfigured, navigationEnabled, + * homeButtonOnly. */ - applicationTemplateId?: NullableOption; + kioskCustomizationSystemNavigation?: NullableOption; + // Whether or not to enable app ordering in Kiosk Mode. + kioskModeAppOrderEnabled?: NullableOption; + // The ordering of items on Kiosk Mode Managed Home Screen. This collection can contain a maximum of 500 elements. + kioskModeAppPositions?: NullableOption; /** - * Contains the tenant id where the application is registered. This is applicable only to service principals backed by - * applications. Supports $filter (eq, ne, NOT, ge, le). + * A list of managed apps that will be shown when the device is in Kiosk Mode. This collection can contain a maximum of + * 500 elements. */ - appOwnerOrganizationId?: NullableOption; + kioskModeApps?: NullableOption; + // Whether or not to alphabetize applications within a folder in Kiosk Mode. + kioskModeAppsInFolderOrderedByName?: NullableOption; + // Whether or not to allow a user to configure Bluetooth settings in Kiosk Mode. + kioskModeBluetoothConfigurationEnabled?: NullableOption; + // Whether or not to allow a user to easy access to the debug menu in Kiosk Mode. + kioskModeDebugMenuEasyAccessEnabled?: NullableOption; + // Exit code to allow a user to escape from Kiosk Mode when the device is in Kiosk Mode. + kioskModeExitCode?: NullableOption; + // Whether or not to allow a user to use the flashlight in Kiosk Mode. + kioskModeFlashlightConfigurationEnabled?: NullableOption; /** - * Specifies whether users or other service principals need to be granted an app role assignment for this service - * principal before users can sign in or apps can get tokens. The default value is false. Not nullable. Supports $filter - * (eq, ne, NOT). + * Folder icon configuration for managed home screen in Kiosk Mode. Possible values are: notConfigured, darkSquare, + * darkCircle, lightSquare, lightCircle. */ - appRoleAssignmentRequired?: boolean; + kioskModeFolderIcon?: NullableOption; + // Number of rows for Managed Home Screen grid with app ordering enabled in Kiosk Mode. Valid values 1 to 9999999 + kioskModeGridHeight?: NullableOption; + // Number of columns for Managed Home Screen grid with app ordering enabled in Kiosk Mode. Valid values 1 to 9999999 + kioskModeGridWidth?: NullableOption; /** - * The roles exposed by the application, which this service principal represents. For more information see the appRoles - * property definition on the application entity. Not nullable. + * Icon size configuration for managed home screen in Kiosk Mode. Possible values are: notConfigured, smallest, small, + * regular, large, largest. */ - appRoles?: AppRole[]; + kioskModeIconSize?: NullableOption; + // Whether or not to lock home screen to the end user in Kiosk Mode. + kioskModeLockHomeScreen?: NullableOption; + // A list of managed folders for a device in Kiosk Mode. This collection can contain a maximum of 500 elements. + kioskModeManagedFolders?: NullableOption; /** - * An open complex type that holds the value of a custom security attribute that is assigned to a directory object. - * Nullable. Returned only on $select. Supports $filter (eq, ne, not, startsWith). Filter value is case sensitive. + * Whether or not to automatically sign-out of MHS and Shared device mode applications after inactive for Managed Home + * Screen. */ - customSecurityAttributes?: NullableOption; + kioskModeManagedHomeScreenAutoSignout?: NullableOption; /** - * Free text field to provide an internal end-user facing description of the service principal. End-user portals such - * MyApps will display the application description in this field. The maximum allowed size is 1024 characters. Supports - * $filter (eq, ne, not, ge, le, startsWith) and $search. + * Number of seconds to give user notice before automatically signing them out for Managed Home Screen. Valid values 0 to + * 9999999 */ - description?: NullableOption; + kioskModeManagedHomeScreenInactiveSignOutDelayInSeconds?: NullableOption; /** - * Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), - * NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons may include suspicious, abusive, or malicious - * activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). + * Number of seconds device is inactive before automatically signing user out for Managed Home Screen. Valid values 0 to + * 9999999 */ - disabledByMicrosoftStatus?: NullableOption; + kioskModeManagedHomeScreenInactiveSignOutNoticeInSeconds?: NullableOption; + // Complexity of PIN for sign-in session for Managed Home Screen. Possible values are: notConfigured, simple, complex. + kioskModeManagedHomeScreenPinComplexity?: NullableOption; + // Whether or not require user to set a PIN for sign-in session for Managed Home Screen. + kioskModeManagedHomeScreenPinRequired?: NullableOption; + // Whether or not required user to enter session PIN if screensaver has appeared for Managed Home Screen. + kioskModeManagedHomeScreenPinRequiredToResume?: NullableOption; + // Custom URL background for sign-in screen for Managed Home Screen. + kioskModeManagedHomeScreenSignInBackground?: NullableOption; + // Custom URL branding logo for sign-in screen and session pin page for Managed Home Screen. + kioskModeManagedHomeScreenSignInBrandingLogo?: NullableOption; + // Whether or not show sign-in screen for Managed Home Screen. + kioskModeManagedHomeScreenSignInEnabled?: NullableOption; + // Whether or not to display the Managed Settings entry point on the managed home screen in Kiosk Mode. + kioskModeManagedSettingsEntryDisabled?: NullableOption; + // Whether or not to allow a user to change the media volume in Kiosk Mode. + kioskModeMediaVolumeConfigurationEnabled?: NullableOption; /** - * The display name for the service principal. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null - * values), $search, and $orderby. + * Screen orientation configuration for managed home screen in Kiosk Mode. Possible values are: notConfigured, portrait, + * landscape, autoRotate. */ - displayName?: NullableOption; - // Deprecated. Don't use. - errorUrl?: NullableOption; - // Home page or landing page of the application. - homepage?: NullableOption; + kioskModeScreenOrientation?: NullableOption; + // Whether or not to enable screen saver mode or not in Kiosk Mode. + kioskModeScreenSaverConfigurationEnabled?: NullableOption; + // Whether or not the device screen should show the screen saver if audio/video is playing in Kiosk Mode. + kioskModeScreenSaverDetectMediaDisabled?: NullableOption; + // The number of seconds that the device will display the screen saver for in Kiosk Mode. Valid values 0 to 9999999 + kioskModeScreenSaverDisplayTimeInSeconds?: NullableOption; + // URL for an image that will be the device's screen saver in Kiosk Mode. + kioskModeScreenSaverImageUrl?: NullableOption; /** - * Basic profile information of the acquired application such as app's marketing, support, terms of service and privacy - * statement URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. - * For more info, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports - * $filter (eq, ne, not, ge, le, and eq on null values). + * The number of seconds the device needs to be inactive for before the screen saver is shown in Kiosk Mode. Valid values + * 1 to 9999999 */ - info?: NullableOption; + kioskModeScreenSaverStartDelayInSeconds?: NullableOption; + // Whether or not to display application notification badges in Kiosk Mode. + kioskModeShowAppNotificationBadge?: NullableOption; + // Whether or not to allow a user to access basic device information. + kioskModeShowDeviceInfo?: NullableOption; /** - * The collection of key credentials associated with the service principal. Not nullable. Supports $filter (eq, not, ge, - * le). + * Whether or not to use single app kiosk mode or multi-app kiosk mode. Possible values are: notConfigured, singleAppMode, + * multiAppMode. */ - keyCredentials?: KeyCredential[]; + kioskModeUseManagedHomeScreenApp?: NullableOption; + // Whether or not to display a virtual home button when the device is in Kiosk Mode. + kioskModeVirtualHomeButtonEnabled?: NullableOption; /** - * Specifies the URL where the service provider redirects the user to Microsoft Entra ID to authenticate. Microsoft Entra - * ID uses the URL to launch the application from Microsoft 365 or the Microsoft Entra My Apps. When blank, Microsoft - * Entra ID performs IdP-initiated sign-on for applications configured with SAML-based single sign-on. The user launches - * the application from Microsoft 365, the Microsoft Entra My Apps, or the Microsoft Entra SSO URL. + * Indicates whether the virtual home button is a swipe up home button or a floating home button. Possible values are: + * notConfigured, swipeUp, floating. */ - loginUrl?: NullableOption; + kioskModeVirtualHomeButtonType?: NullableOption; + // URL to a publicly accessible image to use for the wallpaper when the device is in Kiosk Mode. + kioskModeWallpaperUrl?: NullableOption; /** - * Specifies the URL that will be used by Microsoft's authorization service to logout an user using OpenId Connect - * front-channel, back-channel or SAML logout protocols. + * The restricted set of WIFI SSIDs available for the user to configure in Kiosk Mode. This collection can contain a + * maximum of 500 elements. */ - logoutUrl?: NullableOption; + kioskModeWifiAllowedSsids?: NullableOption; + // Whether or not to allow a user to configure Wi-Fi settings in Kiosk Mode. + kioskModeWiFiConfigurationEnabled?: NullableOption; + // Indicates whether or not LocateDevice for devices with lost mode (COBO, COPE) is enabled. + locateDeviceLostModeEnabled?: NullableOption; + // Indicates whether or not LocateDevice for userless (COSU) devices is disabled. + locateDeviceUserlessDisabled?: NullableOption; + // Indicates whether or not to block unmuting the microphone on the device. + microphoneForceMute?: NullableOption; + // Indicates whether or not to you want configure Microsoft Launcher. + microsoftLauncherConfigurationEnabled?: NullableOption; + // Indicates whether or not the user can modify the wallpaper to personalize their device. + microsoftLauncherCustomWallpaperAllowUserModification?: NullableOption; + // Indicates whether or not to configure the wallpaper on the targeted devices. + microsoftLauncherCustomWallpaperEnabled?: NullableOption; + // Indicates the URL for the image file to use as the wallpaper on the targeted devices. + microsoftLauncherCustomWallpaperImageUrl?: NullableOption; + // Indicates whether or not the user can modify the device dock configuration on the device. + microsoftLauncherDockPresenceAllowUserModification?: NullableOption; /** - * Free text field to capture information about the service principal, typically used for operational purposes. Maximum - * allowed size is 1024 characters. + * Indicates whether or not you want to configure the device dock. Possible values are: notConfigured, show, hide, + * disabled. */ - notes?: NullableOption; + microsoftLauncherDockPresenceConfiguration?: NullableOption; + // Indicates whether or not the user can modify the launcher feed on the device. + microsoftLauncherFeedAllowUserModification?: NullableOption; + // Indicates whether or not you want to enable the launcher feed on the device. + microsoftLauncherFeedEnabled?: NullableOption; + // Indicates the search bar placement configuration on the device. Possible values are: notConfigured, top, bottom, hide. + microsoftLauncherSearchBarPlacementConfiguration?: NullableOption; + // Indicates whether or not the device will allow connecting to a temporary network connection at boot time. + networkEscapeHatchAllowed?: NullableOption; + // Indicates whether or not to block NFC outgoing beam. + nfcBlockOutgoingBeam?: NullableOption; + // Indicates whether or not the keyguard is disabled. + passwordBlockKeyguard?: NullableOption; + // List of device keyguard features to block. This collection can contain a maximum of 11 elements. + passwordBlockKeyguardFeatures?: AndroidKeyguardFeature[]; /** - * Specifies the list of email addresses where Microsoft Entra ID sends a notification when the active certificate is near - * the expiration date. This is only for the certificates used to sign the SAML token issued for Microsoft Entra Gallery - * applications. + * Indicates the amount of time that a password can be set for before it expires and a new password will be required. + * Valid values 1 to 365 */ - notificationEmailAddresses?: string[]; - // The collection of password credentials associated with the service principal. Not nullable. - passwordCredentials?: PasswordCredential[]; + passwordExpirationDays?: NullableOption; + // Indicates the minimum length of the password required on the device. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Indicates the minimum number of letter characters required for device password. Valid values 1 to 16 + passwordMinimumLetterCharacters?: NullableOption; + // Indicates the minimum number of lower case characters required for device password. Valid values 1 to 16 + passwordMinimumLowerCaseCharacters?: NullableOption; + // Indicates the minimum number of non-letter characters required for device password. Valid values 1 to 16 + passwordMinimumNonLetterCharacters?: NullableOption; + // Indicates the minimum number of numeric characters required for device password. Valid values 1 to 16 + passwordMinimumNumericCharacters?: NullableOption; + // Indicates the minimum number of symbol characters required for device password. Valid values 1 to 16 + passwordMinimumSymbolCharacters?: NullableOption; + // Indicates the minimum number of upper case letter characters required for device password. Valid values 1 to 16 + passwordMinimumUpperCaseCharacters?: NullableOption; + // Minutes of inactivity before the screen times out. + passwordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; /** - * Specifies the single sign-on mode configured for this application. Microsoft Entra ID uses the preferred single sign-on - * mode to launch the application from Microsoft 365 or the Microsoft Entra My Apps. The supported values are password, - * saml, notSupported, and oidc. + * Indicates the length of password history, where the user will not be able to enter a new password that is the same as + * any password in the history. Valid values 0 to 24 */ - preferredSingleSignOnMode?: NullableOption; + passwordPreviousPasswordCountToBlock?: NullableOption; /** - * Specifies the expiration date of the keyCredential used for token signing, marked by - * preferredTokenSigningKeyThumbprint. Updating this attribute is not currentlysupported. For details, see - * ServicePrincipal property differences. + * Indicates the minimum password quality required on the device. Possible values are: deviceDefault, required, numeric, + * numericComplex, alphabetic, alphanumeric, alphanumericWithSymbols, lowSecurityBiometric, customPassword. */ - preferredTokenSigningKeyEndDateTime?: NullableOption; + passwordRequiredType?: NullableOption; /** - * This property can be used on SAML applications (apps that have preferredSingleSignOnMode set to saml) to control which - * certificate is used to sign the SAML responses. For applications that are not SAML, do not write or otherwise rely on - * this property. + * Indicates the timeout period after which a device must be unlocked using a form of strong authentication. Possible + * values are: deviceDefault, daily, unkownFutureValue. */ - preferredTokenSigningKeyThumbprint?: NullableOption; + passwordRequireUnlock?: NullableOption; + // Indicates the number of times a user can enter an incorrect password before the device is wiped. Valid values 4 to 11 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; + // Indicates whether the user can install apps from unknown sources on the personal profile. + personalProfileAppsAllowInstallFromUnknownSources?: NullableOption; + // Indicates whether to disable the use of the camera on the personal profile. + personalProfileCameraBlocked?: NullableOption; + // Policy applied to applications in the personal profile. This collection can contain a maximum of 500 elements. + personalProfilePersonalApplications?: NullableOption; /** - * The delegated permissions exposed by the application. For more information see the oauth2PermissionScopes property on - * the application entity's api property. Not nullable. Note: This property is named oauth2PermissionScopes in v1.0. + * Used together with PersonalProfilePersonalApplications to control how apps in the personal profile are allowed or + * blocked. Possible values are: notConfigured, blockedApps, allowedApps. */ - publishedPermissionScopes?: PermissionScope[]; - // The name of the Microsoft Entra tenant that published the application. - publisherName?: NullableOption; + personalProfilePlayStoreMode?: NullableOption; + // Indicates whether to disable the capability to take screenshots on the personal profile. + personalProfileScreenCaptureBlocked?: NullableOption; + // Indicates the Play Store mode of the device. Possible values are: notConfigured, allowList, blockList. + playStoreMode?: NullableOption; + // Indicates whether or not to disable the capability to take screenshots. + screenCaptureBlocked?: NullableOption; /** - * The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 - * authorization codes and access tokens are sent to for the associated application. Not nullable. + * Represents the security common criteria mode enabled provided to users when they attempt to modify managed settings on + * their device. */ - replyUrls?: string[]; - // The url where the service exposes SAML metadata for federation. - samlMetadataUrl?: NullableOption; - // The collection for settings related to saml single sign-on. - samlSingleSignOnSettings?: NullableOption; + securityCommonCriteriaModeEnabled?: NullableOption; /** - * Contains the list of identifiersUris, copied over from the associated application. Additional values can be added to - * hybrid applications. These values can be used to identify the permissions exposed by this app within Microsoft Entra - * ID. For example,Client apps can specify a resource URI which is based on the values of this property to acquire an - * access token, which is the URI returned in the 'aud' claim.The any operator is required for filter expressions on - * multi-valued properties. Not nullable. Supports $filter (eq, not, ge, le, startsWith). + * Indicates whether or not the user is allowed to access developer settings like developer options and safe boot on the + * device. */ - servicePrincipalNames?: string[]; + securityDeveloperSettingsEnabled?: NullableOption; + // Indicates whether or not verify apps is required. + securityRequireVerifyApps?: NullableOption; /** - * Identifies if the service principal represents an application or a managed identity. This is set by Microsoft Entra ID - * internally. For a service principal that represents an application this is set as Application. For a service principal - * that represent a managed identity this is set as ManagedIdentity. The SocialIdp type is for internal use. + * Indicates whether or not location sharing is disabled for fully managed devices (COBO), and corporate owned devices + * with a work profile (COPE) */ - servicePrincipalType?: NullableOption; + shareDeviceLocationDisabled?: NullableOption; /** - * Specifies the Microsoft accounts that are supported for the current application. Read-only. Supported values - * are:AzureADMyOrg: Users with a Microsoft work or school account in my organization's Microsoft Entra tenant - * (single-tenant).AzureADMultipleOrgs: Users with a Microsoft work or school account in any organization's Microsoft - * Entra tenant (multi-tenant).AzureADandPersonalMicrosoftAccount: Users with a personal Microsoft account, or a work or - * school account in any organization's Microsoft Entra tenant.PersonalMicrosoftAccount: Users with a personal Microsoft - * account only. + * Represents the customized short help text provided to users when they attempt to modify managed settings on their + * device. */ - signInAudience?: NullableOption; + shortHelpText?: NullableOption; + // Indicates whether or the status bar is disabled, including notifications, quick settings and other screen overlays. + statusBarBlocked?: NullableOption; + // List of modes in which the device's display will stay powered-on. This collection can contain a maximum of 4 elements. + stayOnModes?: AndroidDeviceOwnerBatteryPluggedMode[]; + // Indicates whether or not to allow USB mass storage. + storageAllowUsb?: NullableOption; + // Indicates whether or not to block external media. + storageBlockExternalMedia?: NullableOption; + // Indicates whether or not to block USB file transfer. + storageBlockUsbFileTransfer?: NullableOption; /** - * Custom strings that can be used to categorize and identify the service principal. Not nullable. The value is the union - * of strings set here and on the associated application entity's tags property.Supports $filter (eq, not, ge, le, - * startsWith). + * Indicates the annually repeating time periods during which system updates are postponed. This collection can contain a + * maximum of 500 elements. */ - tags?: string[]; + systemUpdateFreezePeriods?: NullableOption; + // The type of system update configuration. Possible values are: deviceDefault, postpone, windowed, automatic. + systemUpdateInstallType?: NullableOption; + // Indicates the number of minutes after midnight that the system update window ends. Valid values 0 to 1440 + systemUpdateWindowEndMinutesAfterMidnight?: NullableOption; + // Indicates the number of minutes after midnight that the system update window starts. Valid values 0 to 1440 + systemUpdateWindowStartMinutesAfterMidnight?: NullableOption; + // Whether or not to block Android system prompt windows, like toasts, phone activities, and system alerts. + systemWindowsBlocked?: NullableOption; + // Indicates whether or not adding users and profiles is disabled. + usersBlockAdd?: NullableOption; + // Indicates whether or not to disable removing other users from the device. + usersBlockRemove?: NullableOption; + // Indicates whether or not adjusting the master volume is disabled. + volumeBlockAdjustment?: NullableOption; + // If an always on VPN package name is specified, whether or not to lock network traffic when that VPN is disconnected. + vpnAlwaysOnLockdownMode?: NullableOption; + // Android app package name for app that will handle an always-on VPN connection. + vpnAlwaysOnPackageIdentifier?: NullableOption; + // Indicates whether or not to block the user from editing the wifi connection settings. + wifiBlockEditConfigurations?: NullableOption; + // Indicates whether or not to block the user from editing just the networks defined by the policy. + wifiBlockEditPolicyDefinedConfigurations?: NullableOption; /** - * Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID issues - * tokens for this application encrypted using the key specified by this property. The application code that receives the - * encrypted token must use the matching private key to decrypt the token before it can be used for the signed-in user. + * Indicates the number of days that a work profile password can be set before it expires and a new password will be + * required. Valid values 1 to 365 */ - tokenEncryptionKeyId?: NullableOption; - // Specifies the verified publisher of the application which this service principal represents. - verifiedPublisher?: NullableOption; - // The appManagementPolicy applied to this service principal. - appManagementPolicies?: NullableOption; - // App role assignments for this app or service, granted to users, groups, and other service principals.Supports $expand. - appRoleAssignedTo?: NullableOption; - // App role assignment for another app or service, granted to this service principal. Supports $expand. - appRoleAssignments?: NullableOption; - // The claimsMappingPolicies assigned to this service principal. Supports $expand. - claimsMappingPolicies?: NullableOption; - // Directory objects created by this service principal. Read-only. Nullable. - createdObjects?: NullableOption; + workProfilePasswordExpirationDays?: NullableOption; + // Indicates the minimum length of the work profile password. Valid values 4 to 16 + workProfilePasswordMinimumLength?: NullableOption; + // Indicates the minimum number of letter characters required for the work profile password. Valid values 1 to 16 + workProfilePasswordMinimumLetterCharacters?: NullableOption; + // Indicates the minimum number of lower-case characters required for the work profile password. Valid values 1 to 16 + workProfilePasswordMinimumLowerCaseCharacters?: NullableOption; + // Indicates the minimum number of non-letter characters required for the work profile password. Valid values 1 to 16 + workProfilePasswordMinimumNonLetterCharacters?: NullableOption; + // Indicates the minimum number of numeric characters required for the work profile password. Valid values 1 to 16 + workProfilePasswordMinimumNumericCharacters?: NullableOption; + // Indicates the minimum number of symbol characters required for the work profile password. Valid values 1 to 16 + workProfilePasswordMinimumSymbolCharacters?: NullableOption; /** - * The permission classifications for delegated permissions exposed by the app that this service principal represents. - * Supports $expand. + * Indicates the minimum number of upper-case letter characters required for the work profile password. Valid values 1 to + * 16 */ - delegatedPermissionClassifications?: NullableOption; + workProfilePasswordMinimumUpperCaseCharacters?: NullableOption; /** - * Endpoints available for discovery. Services like Sharepoint populate this property with a tenant specific SharePoint - * endpoints that other applications can discover and use in their experiences. + * Indicates the length of the work profile password history, where the user will not be able to enter a new password that + * is the same as any password in the history. Valid values 0 to 24 */ - endpoints?: NullableOption; - federatedIdentityCredentials?: NullableOption; - // The homeRealmDiscoveryPolicies assigned to this service principal. Supports $expand. - homeRealmDiscoveryPolicies?: NullableOption; - licenseDetails?: NullableOption; - // Roles that this service principal is a member of. HTTP Methods: GET Read-only. Nullable. Supports $expand. - memberOf?: NullableOption; + workProfilePasswordPreviousPasswordCountToBlock?: NullableOption; /** - * Delegated permission grants authorizing this service principal to access an API on behalf of a signed-in user. - * Read-only. Nullable. + * Indicates the minimum password quality required on the work profile password. Possible values are: deviceDefault, + * required, numeric, numericComplex, alphabetic, alphanumeric, alphanumericWithSymbols, lowSecurityBiometric, + * customPassword. */ - oauth2PermissionGrants?: NullableOption; + workProfilePasswordRequiredType?: NullableOption; /** - * Directory objects that are owned by this service principal. Read-only. Nullable. Supports $expand and $filter (/$count - * eq 0, /$count ne 0, /$count eq 1, /$count ne 1). + * Indicates the timeout period after which a work profile must be unlocked using a form of strong authentication. + * Possible values are: deviceDefault, daily, unkownFutureValue. */ - ownedObjects?: NullableOption; + workProfilePasswordRequireUnlock?: NullableOption; /** - * Directory objects that are owners of this servicePrincipal. The owners are a set of non-admin users or - * servicePrincipals who are allowed to modify this object. Read-only. Nullable. Supports $expand and $filter (/$count eq - * 0, /$count ne 0, /$count eq 1, /$count ne 1). + * Indicates the number of times a user can enter an incorrect work profile password before the device is wiped. Valid + * values 4 to 11 */ - owners?: NullableOption; + workProfilePasswordSignInFailureCountBeforeFactoryReset?: NullableOption; +} +export interface AndroidDeviceOwnerImportedPFXCertificateProfile extends AndroidDeviceOwnerCertificateProfileBase { + // Certificate access type. Possible values are: userApproval, specificApps, unknownFutureValue. + certificateAccessType?: NullableOption; /** - * The remoteDesktopSecurityConfiguration object applied to this service principal. Supports $filter (eq) for - * isRemoteDesktopProtocolEnabled property. + * Intended Purpose of the Certificate Profile - which could be Unassigned, SmimeEncryption, SmimeSigning etc. Possible + * values are: unassigned, smimeEncryption, smimeSigning, vpn, wifi. */ - remoteDesktopSecurityConfiguration?: NullableOption; - // The tokenIssuancePolicies assigned to this service principal. Supports $expand. - tokenIssuancePolicies?: NullableOption; - // The tokenLifetimePolicies assigned to this service principal. Supports $expand. - tokenLifetimePolicies?: NullableOption; - transitiveMemberOf?: NullableOption; - // Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. - synchronization?: NullableOption; + intendedPurpose?: IntendedPurpose; + // Certificate access information. This collection can contain a maximum of 50 elements. + silentCertificateAccessDetails?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidDeviceOwnerPkcsCertificateProfile extends AndroidDeviceOwnerCertificateProfileBase { + // Certificate access type. Possible values are: userApproval, specificApps, unknownFutureValue. + certificateAccessType?: NullableOption; + // Target store certificate. Possible values are: user, machine. + certificateStore?: CertificateStore; + // PKCS Certificate Template Name + certificateTemplateName?: string; + // PKCS Certification Authority + certificationAuthority?: string; + // PKCS Certification Authority Name + certificationAuthorityName?: NullableOption; + // Certification authority type. Possible values are: notConfigured, microsoft, digiCert. + certificationAuthorityType?: DeviceManagementCertificationAuthority; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // Certificate access information. This collection can contain a maximum of 50 elements. + silentCertificateAccessDetails?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; + /** + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US + */ + subjectNameFormatString?: string; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidDeviceOwnerScepCertificateProfile extends AndroidDeviceOwnerCertificateProfileBase { + // Certificate access type. Possible values are: userApproval, specificApps, unknownFutureValue. + certificateAccessType?: NullableOption; + // Target store certificate. Possible values are: user, machine. + certificateStore?: NullableOption; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // SCEP Hash Algorithm. Possible values are: sha1, sha2. + hashAlgorithm?: HashAlgorithms; + // SCEP Key Size. Possible values are: size1024, size2048, size4096. + keySize?: KeySize; + // SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. + keyUsage?: KeyUsages; + // SCEP Server Url(s) + scepServerUrls?: NullableOption; + // Certificate access information. This collection can contain a maximum of 50 elements. + silentCertificateAccessDetails?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; + /** + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US + */ + subjectNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidDeviceOwnerTrustedRootCertificate extends DeviceConfiguration { + // File name to display in UI. + certFileName?: NullableOption; + // Trusted Root Certificate + trustedRootCertificate?: string; +} +export interface AndroidDeviceOwnerVpnConfiguration extends VpnConfiguration { + // Whether or not to enable always-on VPN connection. + alwaysOn?: NullableOption; + // If always-on VPN connection is enabled, whether or not to lock network traffic when that VPN is disconnected. + alwaysOnLockdown?: NullableOption; + /** + * Connection type. Possible values are: ciscoAnyConnect, pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, + * checkPointCapsuleVpn, citrix, microsoftTunnel, netMotionMobility, microsoftProtect. + */ + connectionType?: AndroidVpnConnectionType; + // Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements. + customData?: NullableOption; + // Custom data to define key/value pairs specific to a VPN provider. This collection can contain a maximum of 25 elements. + customKeyValueData?: NullableOption; + // Microsoft Tunnel site ID. + microsoftTunnelSiteId?: NullableOption; + // List of hosts to exclude using the proxy on connections for. These hosts can use wildcards such as .example.com. + proxyExclusionList?: NullableOption; + // Proxy server. + proxyServer?: NullableOption; + // Targeted mobile apps. This collection can contain a maximum of 500 elements. + targetedMobileApps?: NullableOption; + // Targeted App package IDs. + targetedPackageIds?: NullableOption; + // Tenant level settings for the Derived Credentials to be used for authentication. + derivedCredentialSettings?: NullableOption; + // Identity certificate for client authentication when authentication method is certificate. + identityCertificate?: NullableOption; } -export interface LicenseDetails extends Entity { - // Information about the service plans assigned with the license. Read-only, Not nullable - servicePlans?: ServicePlanInfo[]; +export interface AndroidDeviceOwnerWiFiConfiguration extends DeviceConfiguration { /** - * Unique identifier (GUID) for the service SKU. Equal to the skuId property on the related SubscribedSku object. - * Read-only + * Connect automatically when this network is in range. Setting this to true will skip the user prompt and automatically + * connect the device to Wi-Fi network. */ - skuId?: NullableOption; + connectAutomatically?: NullableOption; /** - * Unique SKU display name. Equal to the skuPartNumber on the related SubscribedSku object; for example: 'AAD_Premium'. - * Read-only + * When set to true, this profile forces the device to connect to a network that doesn't broadcast its SSID to all + * devices. */ - skuPartNumber?: NullableOption; -} -export interface OAuth2PermissionGrant extends Entity { + connectWhenNetworkNameIsHidden?: NullableOption; /** - * The object id (not appId) of the client service principal for the application that is authorized to act on behalf of a - * signed-in user when accessing an API. Required. Supports $filter (eq only). + * The MAC address randomization mode for Android device Wi-Fi configuration. Possible values include automatic and + * hardware. Default value is automatic. Possible values are: automatic, hardware, unknownFutureValue. */ - clientId?: string; + macAddressRandomizationMode?: NullableOption; + // Network Name + networkName?: string; + // This is the pre-shared key for WPA Personal Wi-Fi network. + preSharedKey?: NullableOption; + // This is the pre-shared key for WPA Personal Wi-Fi network. + preSharedKeyIsSet?: boolean; + // Specify the proxy server configuration script URL. + proxyAutomaticConfigurationUrl?: NullableOption; + // List of hosts to exclude using the proxy on connections for. These hosts can use wildcards such as .example.com. + proxyExclusionList?: NullableOption; + // Specify the proxy server IP address. Android documentation does not specify IPv4 or IPv6. For example: 192.168.1.1. + proxyManualAddress?: NullableOption; + // Specify the proxy server port. + proxyManualPort?: NullableOption; /** - * Indicates whether authorization is granted for the client application to impersonate all users or only a specific user. - * AllPrincipals indicates authorization to impersonate all users. Principal indicates authorization to impersonate a - * specific user. Consent on behalf of all users can be granted by an administrator. Nonadmin users may be authorized to - * consent on behalf of themselves in some cases, for some delegated permissions. Required. Supports $filter (eq only). + * Specify the proxy setting for Wi-Fi configuration. Possible values include none, manual, and automatic. Possible values + * are: none, manual, automatic, unknownFutureValue. */ - consentType?: NullableOption; - // Currently, the end time value is ignored, but a value is required when creating an oAuth2PermissionGrant. Required. - expiryTime?: NullableOption; + proxySettings?: WiFiProxySetting; + // This is the name of the Wi-Fi network that is broadcast to all devices. + ssid?: string; /** - * The id of the user on behalf of whom the client is authorized to access the resource, when consentType is Principal. If - * consentType is AllPrincipals this value is null. Required when consentType is Principal. Supports $filter (eq only). + * Indicates whether Wi-Fi endpoint uses an EAP based security type. Possible values are: open, wep, wpaPersonal, + * wpaEnterprise. */ - principalId?: NullableOption; + wiFiSecurityType?: AndroidDeviceOwnerWiFiSecurityType; +} +export interface AndroidEasEmailProfileConfiguration extends DeviceConfiguration { + // Exchange ActiveSync account name, displayed to users as name of EAS (this) profile. + accountName?: string; /** - * The id of the resource service principal to which access is authorized. This identifies the API that the client is - * authorized to attempt to call on behalf of a signed-in user. Supports $filter (eq only). + * Authentication method for Exchange ActiveSync. Possible values are: usernameAndPassword, certificate, + * derivedCredential. */ - resourceId?: string; + authenticationMethod?: EasAuthenticationMethod; + // Custom domain name value used while generating an email profile before installing on the device. + customDomainName?: NullableOption; /** - * A space-separated list of the claim values for delegated permissions that should be included in access tokens for the - * resource application (the API). For example, openid User.Read GroupMember.Read.All. Each claim value should match the - * value field of one of the delegated permissions defined by the API, listed in the publishedPermissionScopes property of - * the resource service principal. Must not exceed 3850 characters in length. + * Duration of time email should be synced to. Possible values are: userDefined, oneDay, threeDays, oneWeek, twoWeeks, + * oneMonth, unlimited. */ - scope?: NullableOption; - // Currently, the start time value is ignored, but a value is required when creating an oAuth2PermissionGrant. Required. - startTime?: NullableOption; -} -export interface ScopedRoleMembership extends Entity { - // Unique identifier for the administrative unit that the directory role is scoped to - administrativeUnitId?: string; - // Unique identifier for the directory role that the member is in. - roleId?: string; - // Role member identity information. Represents the user that is a member of this scoped-role. - roleMemberInfo?: Identity; -} -export interface CalendarGroup extends Entity { + durationOfEmailToSync?: EmailSyncDuration; /** - * Identifies the version of the calendar group. Every time the calendar group is changed, ChangeKey changes as well. This - * allows Exchange to apply changes to the correct version of the object. Read-only. + * Email attribute that is picked from AAD and injected into this profile before installing on the device. Possible values + * are: userPrincipalName, primarySmtpAddress. */ - changeKey?: NullableOption; - // The class identifier. Read-only. - classId?: NullableOption; - // The group name. - name?: NullableOption; - // The calendars in the calendar group. Navigation property. Read-only. Nullable. - calendars?: NullableOption; -} -export interface ContactFolder extends Entity { - // The folder's display name. - displayName?: NullableOption; - // The ID of the folder's parent folder. - parentFolderId?: NullableOption; - // The name of the folder if the folder is a recognized folder. Currently contacts is the only recognized contacts folder. - wellKnownName?: NullableOption; - // The collection of child folders in the folder. Navigation property. Read-only. Nullable. - childFolders?: NullableOption; - // The contacts in the folder. Navigation property. Read-only. Nullable. - contacts?: NullableOption; - // The collection of multi-value extended properties defined for the contactFolder. Read-only. Nullable. - multiValueExtendedProperties?: NullableOption; - // The collection of single-value extended properties defined for the contactFolder. Read-only. Nullable. - singleValueExtendedProperties?: NullableOption; -} -export interface Contact extends OutlookItem { - // The name of the contact's assistant. - assistantName?: NullableOption; + emailAddressSource?: UserEmailSource; /** - * The contact's birthday. The Timestamp type represents date and time information using ISO 8601 format and is always in - * UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + * Email sync schedule. Possible values are: userDefined, asMessagesArrive, manual, fifteenMinutes, thirtyMinutes, + * sixtyMinutes, basedOnMyUsage. */ - birthday?: NullableOption; - // The names of the contact's children. - children?: NullableOption; - // The name of the contact's company. - companyName?: NullableOption; - // The contact's department. - department?: NullableOption; + emailSyncSchedule?: EmailSyncSchedule; + // Exchange location (URL) that the native mail app connects to. + hostName?: string; + // Indicates whether or not to use S/MIME certificate. + requireSmime?: boolean; + // Indicates whether or not to use SSL. + requireSsl?: boolean; + // Toggles syncing the calendar. If set to false calendar is turned off on the device. + syncCalendar?: boolean; + // Toggles syncing contacts. If set to false contacts are turned off on the device. + syncContacts?: boolean; + // Toggles syncing notes. If set to false notes are turned off on the device. + syncNotes?: boolean; + // Toggles syncing tasks. If set to false tasks are turned off on the device. + syncTasks?: boolean; /** - * The contact's display name. You can specify the display name in a create or update operation. Note that later updates - * to other properties may cause an automatically generated value to overwrite the displayName value you have specified. - * To preserve a pre-existing value, always include it as displayName in an update operation. + * UserDomainname attribute that is picked from AAD and injected into this profile before installing on the device. + * Possible values are: fullDomainName, netBiosDomainName. */ - displayName?: NullableOption; - // The contact's email addresses. - emailAddresses?: NullableOption; - // The name the contact is filed under. - fileAs?: NullableOption; - // The flag value that indicates the status, start date, due date, or completion date for the contact. - flag?: NullableOption; - // The contact's gender. - gender?: NullableOption; - // The contact's generation. - generation?: NullableOption; - // The contact's given name. - givenName?: NullableOption; - imAddresses?: NullableOption; - initials?: NullableOption; - isFavorite?: NullableOption; - jobTitle?: NullableOption; - manager?: NullableOption; - middleName?: NullableOption; - nickName?: NullableOption; - officeLocation?: NullableOption; - parentFolderId?: NullableOption; - personalNotes?: NullableOption; - phones?: NullableOption; - postalAddresses?: NullableOption; - profession?: NullableOption; - spouseName?: NullableOption; - surname?: NullableOption; - title?: NullableOption; - websites?: NullableOption; - weddingAnniversary?: NullableOption; - yomiCompanyName?: NullableOption; - yomiGivenName?: NullableOption; - yomiSurname?: NullableOption; - // The collection of open extensions defined for the contact. Nullable. - extensions?: NullableOption; - // The collection of multi-value extended properties defined for the contact. Read-only. Nullable. - multiValueExtendedProperties?: NullableOption; - // Optional contact picture. You can get or set a photo for a contact. - photo?: NullableOption; - // The collection of single-value extended properties defined for the contact. Read-only. Nullable. - singleValueExtendedProperties?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface InferenceClassification extends Entity { + userDomainNameSource?: NullableOption; /** - * A set of overrides for a user to always classify messages from specific senders in certain ways: focused, or other. - * Read-only. Nullable. + * Username attribute that is picked from AAD and injected into this profile before installing on the device. Possible + * values are: username, userPrincipalName, samAccountName, primarySmtpAddress. */ - overrides?: NullableOption; + usernameSource?: AndroidUsernameSource; + // Identity certificate. + identityCertificate?: NullableOption; + // S/MIME signing certificate. + smimeSigningCertificate?: NullableOption; } -export interface MailFolder extends Entity { - // The number of immediate child mailFolders in the current mailFolder. - childFolderCount?: NullableOption; - // The mailFolder's display name. - displayName?: NullableOption; +export interface AndroidEnterpriseWiFiConfiguration extends AndroidWiFiConfiguration { /** - * Indicates whether the mailFolder is hidden. This property can be set only when creating the folder. Find more - * information in Hidden mail folders. + * Indicates the Authentication Method the client (device) needs to use when the EAP Type is configured to PEAP or + * EAP-TTLS. Possible values are: certificate, usernameAndPassword, derivedCredential. */ - isHidden?: NullableOption; - // The unique identifier for the mailFolder's parent mailFolder. - parentFolderId?: NullableOption; - // The number of items in the mailFolder. - totalItemCount?: NullableOption; - // The number of items in the mailFolder marked as unread. - unreadItemCount?: NullableOption; + authenticationMethod?: NullableOption; + // Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, eapTtls, peap. + eapType?: AndroidEapType; /** - * The well-known folder name for the folder. The possible values are listed above. This property is only set for default - * folders created by Outlook. For other folders, this property is null. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is EAP-TTLS and Authenticationmethod is Username and + * Password. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, + * microsoftChapVersionTwo. */ - wellKnownName?: NullableOption; - // The collection of child folders in the mailFolder. - childFolders?: NullableOption; - // The collection of rules that apply to the user's Inbox folder. - messageRules?: NullableOption; - // The collection of messages in the mailFolder. - messages?: NullableOption; - // The collection of multi-value extended properties defined for the mailFolder. Read-only. Nullable. - multiValueExtendedProperties?: NullableOption; - // The collection of single-value extended properties defined for the mailFolder. Read-only. Nullable. - singleValueExtendedProperties?: NullableOption; - userConfigurations?: NullableOption; -} -export interface Message extends OutlookItem { - // The Bcc: recipients for the message. - bccRecipients?: NullableOption; - // The body of the message. It can be in HTML or text format. Find out about safe HTML in a message body. - body?: NullableOption; + innerAuthenticationProtocolForEapTtls?: NullableOption; /** - * The first 255 characters of the message body. It is in text format. If the message contains instances of mention, this - * property would contain a concatenation of these mentions as well. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is PEAP and Authenticationmethod is Username and + * Password. Possible values are: none, microsoftChapVersionTwo. */ - bodyPreview?: NullableOption; - // The Cc: recipients for the message. - ccRecipients?: NullableOption; - // The ID of the conversation the email belongs to. - conversationId?: NullableOption; - // Indicates the position of the message within the conversation. - conversationIndex?: NullableOption; - // The flag value that indicates the status, start date, due date, or completion date for the message. - flag?: NullableOption; + innerAuthenticationProtocolForPeap?: NullableOption; /** - * The owner of the mailbox from which the message is sent. In most cases, this value is the same as the sender property, - * except for sharing or delegation scenarios. The value must correspond to the actual mailbox used. Find out more about - * setting the from and sender properties of a message. + * Enable identity privacy (Outer Identity) when EAP Type is configured to EAP-TTLS or PEAP. The String provided here is + * used to mask the username of individual users when they attempt to connect to Wi-Fi network. */ - from?: NullableOption; + outerIdentityPrivacyTemporaryValue?: NullableOption; + // Password format string used to build the password to connect to wifi + passwordFormatString?: NullableOption; + // PreSharedKey used to build the password to connect to wifi + preSharedKey?: NullableOption; /** - * Indicates whether the message has attachments. This property doesn't include inline attachments, so if a message - * contains only inline attachments, this property is false. To verify the existence of inline attachments, parse the body - * property to look for a src attribute, such as <IMG src='cid:image001.jpg@01D26CD8.6C05F070'>. + * Trusted server certificate names when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP. This is the common name used + * in the certificates issued by your trusted certificate authority (CA). If you provide this information, you can bypass + * the dynamic trust dialog that is displayed on end users' devices when they connect to this Wi-Fi network. */ - hasAttachments?: NullableOption; - importance?: NullableOption; - inferenceClassification?: NullableOption; - internetMessageHeaders?: NullableOption; - internetMessageId?: NullableOption; - isDeliveryReceiptRequested?: NullableOption; - isDraft?: NullableOption; - isRead?: NullableOption; - isReadReceiptRequested?: NullableOption; - mentionsPreview?: NullableOption; - parentFolderId?: NullableOption; - receivedDateTime?: NullableOption; - replyTo?: NullableOption; - sender?: NullableOption; - sentDateTime?: NullableOption; - subject?: NullableOption; - toRecipients?: NullableOption; - uniqueBody?: NullableOption; - unsubscribeData?: NullableOption; - unsubscribeEnabled?: NullableOption; - webLink?: NullableOption; - // The fileAttachment and itemAttachment attachments for the message. - attachments?: NullableOption; - // The collection of open extensions defined for the message. Nullable. - extensions?: NullableOption; + trustedServerCertificateNames?: NullableOption; + // Username format string used to build the username to connect to wifi + usernameFormatString?: NullableOption; /** - * A collection of mentions in the message, ordered by the createdDateTime from the newest to the oldest. By default, a - * GET /messages does not return this property unless you apply $expand on the property. + * Identity Certificate for client authentication when EAP Type is configured to EAP-TLS, EAP-TTLS (with Certificate + * Authentication), or PEAP (with Certificate Authentication). This is the certificate presented by client to the Wi-Fi + * endpoint. The authentication server sitting behind the Wi-Fi endpoint must accept this certificate to successfully + * establish a Wi-Fi connection. */ - mentions?: NullableOption; - // The collection of multi-value extended properties defined for the message. Nullable. - multiValueExtendedProperties?: NullableOption; - // The collection of single-value extended properties defined for the message. Nullable. - singleValueExtendedProperties?: NullableOption; -} -export interface OutlookUser extends Entity { - // A list of categories defined for the user. - masterCategories?: NullableOption; - taskFolders?: NullableOption; - taskGroups?: NullableOption; - tasks?: NullableOption; -} -export interface Person extends Entity { - // The person's birthday. - birthday?: NullableOption; - // The name of the person's company. - companyName?: NullableOption; - // The person's department. - department?: NullableOption; - // The person's display name. - displayName?: NullableOption; - // The person's email addresses. - emailAddresses?: NullableOption; - // The person's given name. - givenName?: NullableOption; - // True if the user has flagged this person as a favorite. - isFavorite?: NullableOption; - // The type of mailbox that is represented by the person's email address. - mailboxType?: NullableOption; - // The location of the person's office. - officeLocation?: NullableOption; - // Free-form notes that the user has taken about this person. - personNotes?: NullableOption; - // The type of person, for example distribution list. - personType?: NullableOption; - // The person's phone numbers. - phones?: NullableOption; - // The person's addresses. - postalAddresses?: NullableOption; - // The person's profession. - profession?: NullableOption; - // The sources the user data comes from, for example Directory or Outlook Contacts. - sources?: NullableOption; - // The person's surname. - surname?: NullableOption; - // The person's title. - title?: NullableOption; + identityCertificateForClientAuthentication?: NullableOption; /** - * The user principal name (UPN) of the person. The UPN is an Internet-style login name for the person based on the - * Internet standard RFC 822. By convention, this should map to the person's email name. The general format is - * alias@domain. + * Trusted Root Certificate for Server Validation when EAP Type is configured to EAP-TLS, EAP-TTLS or PEAP. This is the + * certificate presented by the Wi-Fi endpoint when the device attempts to connect to Wi-Fi endpoint. The device (or user) + * must accept this certificate to continue the connection attempt. */ - userPrincipalName?: NullableOption; - // The person's websites. - websites?: NullableOption; - // The phonetic Japanese name of the person's company. - yomiCompany?: NullableOption; + rootCertificateForServerValidation?: NullableOption; } -export interface AppConsentRequest extends Entity { - // The display name of the app for which consent is requested. Required. Supports $filter (eq only) and $orderby. - appDisplayName?: NullableOption; - // The identifier of the application. Required. Supports $filter (eq only) and $orderby. - appId?: string; +export interface AndroidForWorkApp extends MobileApp { + // The Identity Name. This property is read-only. + appIdentifier?: NullableOption; + // The Play for Work Store app URL. + appStoreUrl?: NullableOption; + // The package identifier. This property is read-only. + packageId?: NullableOption; + // The total number of VPP licenses. + totalLicenseCount?: number; + // The number of VPP licenses in use. + usedLicenseCount?: number; +} +export interface AndroidForWorkAppConfigurationSchema extends Entity { /** - * The consent type of the request. Possible values are: Static and Dynamic. These represent static and dynamic - * permissions, respectively, requested in the consent workflow. Supports $filter (eq only) and $orderby. Required. + * UTF8 encoded byte array containing example JSON string conforming to this schema that demonstrates how to set the + * configuration for this app */ - consentType?: NullableOption; - // A list of pending scopes waiting for approval. This is empty if the consentType is Static. Required. - pendingScopes?: NullableOption; - // A list of pending user consent requests. Supports $filter (eq). - userConsentRequests?: NullableOption; -} -export interface Approval extends Entity { - // Used to represent the decision associated with a single step in the approval process configured in approvalStage. - steps?: NullableOption; + exampleJson?: NullableOption; + // Collection of items each representing a named configuration option in the schema + schemaItems?: NullableOption; } -export interface AccessReviewInstance extends Entity { +export interface AndroidForWorkCertificateProfileBase extends DeviceConfiguration { + // Scale for the Certificate Validity Period. Possible values are: days, months, years. + certificateValidityPeriodScale?: CertificateValidityPeriodScale; + // Value for the Certificate Validity Period. + certificateValidityPeriodValue?: number; + // Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements. + extendedKeyUsages?: ExtendedKeyUsage[]; + // Certificate renewal threshold percentage. Valid values 1 to 99 + renewalThresholdPercentage?: number; /** - * DateTime when review instance is scheduled to end. The DatetimeOffset type represents date and time information using - * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports - * $select. Read-only. + * Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, + * customAzureADAttribute, domainNameService, universalResourceIdentifier. */ - endDateTime?: NullableOption; - // Collection of errors in an access review instance lifecycle. Read-only. - errors?: NullableOption; + subjectAlternativeNameType?: NullableOption; /** - * This collection of reviewer scopes is used to define the list of fallback reviewers. These fallback reviewers are - * notified to take action if no users are found from the list of reviewers specified. This could occur when either the - * group owner is specified as the reviewer but the group owner doesn't exist, or manager is specified as reviewer but a - * user's manager doesn't exist. Supports $select. + * Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, + * commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, + * commonNameAsDurableDeviceId. */ - fallbackReviewers?: NullableOption; + subjectNameFormat?: SubjectNameFormat; + // Trusted Root Certificate. + rootCertificate?: NullableOption; +} +export interface AndroidForWorkCompliancePolicy extends DeviceCompliancePolicy { + // Require that devices have enabled device threat protection. + deviceThreatProtectionEnabled?: boolean; /** - * This collection of access review scopes is used to define who the reviewers are. Supports $select. For examples of - * options for assigning reviewers, see Assign reviewers to your access review definition using the Microsoft Graph API. + * Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, secured, + * low, medium, high, notSet. */ - reviewers?: NullableOption; + deviceThreatProtectionRequiredSecurityLevel?: DeviceThreatProtectionLevel; + // Minimum Android security patch level. + minAndroidSecurityPatchLevel?: NullableOption; + // Maximum Android version. + osMaximumVersion?: NullableOption; + // Minimum Android version. + osMinimumVersion?: NullableOption; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum password length. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before a password is required. + passwordMinutesOfInactivityBeforeLock?: NullableOption; + // Number of previous passwords to block. Valid values 1 to 24 + passwordPreviousPasswordBlockCount?: NullableOption; + // Require a password to unlock device. + passwordRequired?: boolean; /** - * Created based on scope and instanceEnumerationScope at the accessReviewScheduleDefinition level. Defines the scope of - * users reviewed in a group. Supports $select and $filter (contains only). Read-only. + * Type of characters in password. Possible values are: deviceDefault, alphabetic, alphanumeric, alphanumericWithSymbols, + * lowSecurityBiometric, numeric, numericComplex, any. */ - scope?: NullableOption; + passwordRequiredType?: AndroidRequiredPasswordType; + // Number of sign-in failures allowed before factory reset. Valid values 1 to 16 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; /** - * DateTime when review instance is scheduled to start. May be in the future. The DateTimeOffset type represents date and - * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is - * 2014-01-01T00:00:00Z. Supports $select. Read-only. + * Indicates the required device password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android API 12+. Possible values are: none, low, medium, high. */ - startDateTime?: NullableOption; + requiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Devices must not be jailbroken or rooted. + securityBlockJailbrokenDevices?: boolean; + // Disable USB debugging on Android devices. + securityDisableUsbDebugging?: boolean; + // Require that devices disallow installation of apps from unknown sources. + securityPreventInstallAppsFromUnknownSources?: boolean; + // Require the device to pass the Company Portal client app runtime integrity check. + securityRequireCompanyPortalAppIntegrity?: boolean; + // Require a specific SafetyNet evaluation type for compliance. Possible values are: basic, hardwareBacked. + securityRequiredAndroidSafetyNetEvaluationType?: AndroidSafetyNetEvaluationType; + // Require Google Play Services to be installed and enabled on the device. + securityRequireGooglePlayServices?: boolean; + // Require the device to pass the Play Integrity basic integrity check. + securityRequireSafetyNetAttestationBasicIntegrity?: boolean; + // Require the device to pass the Play Integrity device integrity check. + securityRequireSafetyNetAttestationCertifiedDevice?: boolean; /** - * Specifies the status of an accessReview. Possible values: Initializing, NotStarted, Starting, InProgress, Completing, - * Completed, AutoReviewing, and AutoReviewed. Supports $select, $orderby, and $filter (eq only). Read-only. + * Require the device to have up to date security providers. The device will require Google Play Services to be enabled + * and up to date. */ - status?: NullableOption; + securityRequireUpToDateSecurityProviders?: boolean; + // Require the Android Verify apps feature is turned on. + securityRequireVerifyApps?: boolean; + // Require encryption on Android devices. + storageRequireEncryption?: boolean; + // Minutes of inactivity before the screen times out. + workProfileInactiveBeforeScreenLockInMinutes?: NullableOption; + // Number of days before the work profile password expires. Valid values 1 to 365 + workProfilePasswordExpirationInDays?: NullableOption; + // Minimum length of work profile password. Valid values 4 to 16 + workProfilePasswordMinimumLength?: NullableOption; /** - * Returns the collection of reviewers who were contacted to complete this review. While the reviewers and - * fallbackReviewers properties of the accessReviewScheduleDefinition might specify group owners or managers as reviewers, - * contactedReviewers returns their individual identities. Supports $select. Read-only. + * Type of work profile password that is required. Possible values are: deviceDefault, lowSecurityBiometric, required, + * atLeastNumeric, numericComplex, atLeastAlphabetic, atLeastAlphanumeric, alphanumericWithSymbols. */ - contactedReviewers?: NullableOption; + workProfilePasswordRequiredType?: AndroidForWorkRequiredPasswordType; + // Number of previous work profile passwords to block. Valid values 0 to 24 + workProfilePreviousPasswordBlockCount?: NullableOption; /** - * Each user reviewed in an accessReviewInstance has a decision item representing if they were approved, denied, or not - * yet reviewed. + * Indicates the required work profile password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android 12+. Possible values are: none, low, medium, high. */ - decisions?: NullableOption; + workProfileRequiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Password is required or not for work profile + workProfileRequirePassword?: boolean; +} +export interface AndroidForWorkCustomConfiguration extends DeviceConfiguration { + // OMA settings. This collection can contain a maximum of 500 elements. + omaSettings?: NullableOption; +} +export interface AndroidForWorkEasEmailProfileBase extends DeviceConfiguration { /** - * There's exactly one accessReviewScheduleDefinition associated with each instance. It's the parent schedule for the - * instance, where instances are created for each recurrence of a review definition and each group selected to review by - * the definition. + * Authentication method for Exchange ActiveSync. Possible values are: usernameAndPassword, certificate, + * derivedCredential. */ - definition?: NullableOption; + authenticationMethod?: EasAuthenticationMethod; /** - * If the instance has multiple stages, this returns the collection of stages. A new stage will only be created when the - * previous stage ends. The existence, number, and settings of stages on a review instance are created based on the - * accessReviewStageSettings on the parent accessReviewScheduleDefinition. + * Duration of time email should be synced to. Possible values are: userDefined, oneDay, threeDays, oneWeek, twoWeeks, + * oneMonth, unlimited. */ - stages?: NullableOption; -} -export interface AgreementAcceptance extends Entity { - // ID of the agreement file accepted by the user. - agreementFileId?: NullableOption; - // ID of the agreement. - agreementId?: NullableOption; - // The display name of the device used for accepting the agreement. - deviceDisplayName?: NullableOption; - // The unique identifier of the device used for accepting the agreement. Supports $filter (eq) and eq for null values. - deviceId?: NullableOption; - // The operating system used for accepting the agreement. - deviceOSType?: NullableOption; - // The operating system version of the device used for accepting the agreement. - deviceOSVersion?: NullableOption; + durationOfEmailToSync?: EmailSyncDuration; /** - * The expiration date time of the acceptance. The Timestamp type represents date and time information using ISO 8601 - * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter - * (eq, ge, le) and eq for null values. + * Email attribute that is picked from AAD and injected into this profile before installing on the device. Possible values + * are: userPrincipalName, primarySmtpAddress. */ - expirationDateTime?: NullableOption; + emailAddressSource?: UserEmailSource; + // Exchange location (URL) that the mail app connects to. + hostName?: string; + // Indicates whether or not to use SSL. + requireSsl?: boolean; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq) and eq for null values. + * Username attribute that is picked from AAD and injected into this profile before installing on the device. Possible + * values are: username, userPrincipalName, samAccountName, primarySmtpAddress. */ - recordedDateTime?: NullableOption; - // Possible values are: accepted, declined. Supports $filter (eq). - state?: NullableOption; - // Display name of the user when the acceptance was recorded. - userDisplayName?: NullableOption; - // Email of the user when the acceptance was recorded. - userEmail?: NullableOption; - // ID of the user who accepted the agreement. Supports $filter (eq). - userId?: NullableOption; - // UPN of the user when the acceptance was recorded. - userPrincipalName?: NullableOption; + usernameSource?: AndroidUsernameSource; + // Identity certificate. + identityCertificate?: NullableOption; } -export interface DeviceEnrollmentConfiguration extends Entity { - // Created date time in UTC of the device enrollment configuration +export interface AndroidForWorkEnrollmentProfile extends Entity { + // Tenant GUID the enrollment profile belongs to. + accountId?: NullableOption; + // Date time the enrollment profile was created. createdDateTime?: string; - // The description of the device enrollment configuration + // Description for the enrollment profile. description?: NullableOption; - // Support for Enrollment Configuration Type - deviceEnrollmentConfigurationType?: DeviceEnrollmentConfigurationType; - // The display name of the device enrollment configuration + // Display name for the enrollment profile. displayName?: NullableOption; - // Last modified date time in UTC of the device enrollment configuration + // Total number of Android devices that have enrolled using this enrollment profile. + enrolledDeviceCount?: number; + // Date time the enrollment profile was last modified. lastModifiedDateTime?: string; - /** - * Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject - * only to the configuration with the lowest priority value. - */ - priority?: number; - // Optional role scope tags for the enrollment restrictions. - roleScopeTagIds?: NullableOption; - // The version of the device enrollment configuration - version?: number; - // The list of group assignments for the device configuration profile - assignments?: NullableOption; + // String used to generate a QR code for the token. + qrCodeContent?: NullableOption; + // String used to generate a QR code for the token. + qrCodeImage?: NullableOption; + // Date time the most recently created token will expire. + tokenExpirationDateTime?: string; + // Value of the most recently created token for this enrollment profile. + tokenValue?: NullableOption; } -export interface ManagedDevice extends Entity { - cloudPcRemoteActionResults?: NullableOption; - // Whether the device is Azure Active Directory registered. This property is read-only. - aadRegistered?: NullableOption; - /** - * The code that allows the Activation Lock on managed device to be bypassed. Default, is Null (Non-Default property) for - * this property when returned as part of managedDevice entity in LIST call. To retrieve actual values GET call needs to - * be made, with device id and included in select parameter. Supports: $select. $Search is not supported. Read-only. This - * property is read-only. - */ - activationLockBypassCode?: NullableOption; - // Android security patch level. This property is read-only. - androidSecurityPatchLevel?: NullableOption; - // Reports if the managed device is enrolled via auto-pilot. This property is read-only. - autopilotEnrolled?: boolean; - // The unique identifier for the Azure Active Directory device. Read only. This property is read-only. - azureActiveDirectoryDeviceId?: NullableOption; - // The unique identifier for the Azure Active Directory device. Read only. This property is read-only. - azureADDeviceId?: NullableOption; - // Whether the device is Azure Active Directory registered. This property is read-only. - azureADRegistered?: NullableOption; - /** - * Reports if the managed device has an escrowed Bootstrap Token. This is only for macOS devices. To get, include - * BootstrapTokenEscrowed in the select clause and query with a device id. If FALSE, no bootstrap token is escrowed. If - * TRUE, the device has escrowed a bootstrap token with Intune. This property is read-only. - */ - bootstrapTokenEscrowed?: boolean; - /** - * Chassis type of the device. This property is read-only. Possible values are: unknown, desktop, laptop, - * worksWorkstation, enterpriseServer, phone, tablet, mobileOther, mobileUnknown. - */ - chassisType?: ChassisType; - /** - * List of properties of the ChromeOS Device. Default is an empty list. To retrieve actual values GET call needs to be - * made, with device id and included in select parameter. - */ - chromeOSDeviceInfo?: NullableOption; - // The DateTime when device compliance grace period expires. This property is read-only. - complianceGracePeriodExpirationDateTime?: string; +export interface AndroidForWorkEnterpriseWiFiConfiguration extends AndroidForWorkWiFiConfiguration { /** - * Compliance state of the device. Examples: Compliant, Conflict, Error, etc. Default is unknown. Supports $filter - * operator 'eq' and 'or'. This property is read-only. Possible values are: unknown, compliant, noncompliant, conflict, - * error, inGracePeriod, configManager. + * Indicates the Authentication Method the client (device) needs to use when the EAP Type is configured to PEAP or + * EAP-TTLS. Possible values are: certificate, usernameAndPassword, derivedCredential. */ - complianceState?: ComplianceState; - // ConfigrMgr client enabled features. This property is read-only. - configurationManagerClientEnabledFeatures?: NullableOption; - // Configuration manager client health state, valid only for devices managed by MDM/ConfigMgr Agent - configurationManagerClientHealthState?: NullableOption; + authenticationMethod?: NullableOption; + // Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, eapTtls, peap. + eapType?: AndroidEapType; /** - * Configuration manager client information, valid only for devices managed, duel-managed or tri-managed by ConfigMgr - * Agent + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is EAP-TTLS and Authenticationmethod is Username and + * Password. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, + * microsoftChapVersionTwo. */ - configurationManagerClientInformation?: NullableOption; - // List of ComplexType deviceActionResult objects. This property is read-only. - deviceActionResults?: NullableOption; + innerAuthenticationProtocolForEapTtls?: NullableOption; /** - * Device category display name. Default is an empty string. Supports $filter operator 'eq' and 'or'. This property is - * read-only. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is PEAP and Authenticationmethod is Username and + * Password. Possible values are: none, microsoftChapVersionTwo. */ - deviceCategoryDisplayName?: NullableOption; + innerAuthenticationProtocolForPeap?: NullableOption; /** - * Enrollment type of the device. This property is read-only. Possible values are: unknown, userEnrollment, - * deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, - * windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement, windowsAzureADJoinUsingDeviceAuth, - * appleUserEnrollment, appleUserEnrollmentWithServiceAccount, azureAdJoinUsingAzureVmExtension, - * androidEnterpriseDedicatedDevice, androidEnterpriseFullyManaged, androidEnterpriseCorporateWorkProfile. + * Enable identity privacy (Outer Identity) when EAP Type is configured to EAP-TTLS or PEAP. The String provided here is + * used to mask the username of individual users when they attempt to connect to Wi-Fi network. */ - deviceEnrollmentType?: DeviceEnrollmentType; + outerIdentityPrivacyTemporaryValue?: NullableOption; /** - * Indicates whether the device is DFCI managed. When TRUE the device is DFCI managed. When FALSE, the device is not DFCI - * managed. The default value is FALSE. + * Trusted server certificate names when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP. This is the common name used + * in the certificates issued by your trusted certificate authority (CA). If you provide this information, you can bypass + * the dynamic trust dialog that is displayed on end users' devices when they connect to this Wi-Fi network. */ - deviceFirmwareConfigurationInterfaceManaged?: boolean; - // The device health attestation state. This property is read-only. - deviceHealthAttestationState?: NullableOption; - // Indicates the attestation status of the managed device. And in which way. Default: Unknown. - deviceIdentityAttestationDetail?: NullableOption; - // Name of the device. This property is read-only. - deviceName?: NullableOption; + trustedServerCertificateNames?: NullableOption; /** - * Device registration state. This property is read-only. Possible values are: notRegistered, registered, revoked, - * keyConflict, approvalPending, certificateReset, notRegisteredPendingEnrollment, unknown. + * Identity Certificate for client authentication when EAP Type is configured to EAP-TLS, EAP-TTLS (with Certificate + * Authentication), or PEAP (with Certificate Authentication). This is the certificate presented by client to the Wi-Fi + * endpoint. The authentication server sitting behind the Wi-Fi endpoint must accept this certificate to successfully + * establish a Wi-Fi connection. */ - deviceRegistrationState?: DeviceRegistrationState; + identityCertificateForClientAuthentication?: NullableOption; /** - * Platform of the device. Examples: Desktop, WindowsRT, etc. Default is unknown. Supports $filter operator 'eq' and 'or'. - * This property is read-only. Possible values are: desktop, windowsRT, winMO6, nokia, windowsPhone, mac, winCE, - * winEmbedded, iPhone, iPad, iPod, android, iSocConsumer, unix, macMDM, holoLens, surfaceHub, androidForWork, - * androidEnterprise, windows10x, androidnGMS, chromeOS, linux, blackberry, palm, unknown, cloudPC. + * Trusted Root Certificate for Server Validation when EAP Type is configured to EAP-TLS, EAP-TTLS or PEAP. This is the + * certificate presented by the Wi-Fi endpoint when the device attempts to connect to Wi-Fi endpoint. The device (or user) + * must accept this certificate to continue the connection attempt. */ - deviceType?: DeviceType; - // Whether the device is Exchange ActiveSync activated. This property is read-only. - easActivated?: boolean; - // Exchange ActivationSync activation time of the device. This property is read-only. - easActivationDateTime?: string; - // Exchange ActiveSync Id of the device. This property is read-only. - easDeviceId?: NullableOption; - // Email(s) for the user associated with the device. This property is read-only. - emailAddress?: NullableOption; - // Enrollment time of the device. Supports $filter operator 'lt' and 'gt'. This property is read-only. - enrolledDateTime?: string; + rootCertificateForServerValidation?: NullableOption; +} +export interface AndroidForWorkGeneralDeviceConfiguration extends DeviceConfiguration { + // Determine domains allow-list for accounts that can be added to work profile. + allowedGoogleAccountDomains?: NullableOption; + // Prevent using unified password for unlocking device and work profile. + blockUnifiedPasswordForWorkProfile?: boolean; + // Indicates whether or not to block face unlock. + passwordBlockFaceUnlock?: boolean; + // Indicates whether or not to block fingerprint unlock. + passwordBlockFingerprintUnlock?: boolean; + // Indicates whether or not to block iris unlock. + passwordBlockIrisUnlock?: boolean; + // Indicates whether or not to block Smart Lock and other trust agents. + passwordBlockTrustAgents?: boolean; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum length of passwords. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before the screen times out. + passwordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; + // Number of previous passwords to block. Valid values 0 to 24 + passwordPreviousPasswordBlockCount?: NullableOption; /** - * Name of the enrollment profile assigned to the device. Default value is empty string, indicating no enrollment profile - * was assgined. This property is read-only. + * Type of password that is required. Possible values are: deviceDefault, lowSecurityBiometric, required, atLeastNumeric, + * numericComplex, atLeastAlphabetic, atLeastAlphanumeric, alphanumericWithSymbols. */ - enrollmentProfileName?: NullableOption; + passwordRequiredType?: AndroidForWorkRequiredPasswordType; + // Number of sign in failures allowed before factory reset. Valid values 1 to 16 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; /** - * Indicates Ethernet MAC Address of the device. Default, is Null (Non-Default property) for this property when returned - * as part of managedDevice entity. Individual get call with select query options is needed to retrieve actual values. - * Example: deviceManagement/managedDevices({managedDeviceId})?$select=ethernetMacAddress Supports: $select. $Search is - * not supported. Read-only. This property is read-only. + * Indicates the required device password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android 12+. Possible values are: none, low, medium, high. */ - ethernetMacAddress?: NullableOption; + requiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Require the Android Verify apps feature is turned on. + securityRequireVerifyApps?: boolean; + // Enable lockdown mode for always-on VPN. + vpnAlwaysOnPackageIdentifier?: NullableOption; + // Enable lockdown mode for always-on VPN. + vpnEnableAlwaysOnLockdownMode?: boolean; /** - * The Access State of the device in Exchange. This property is read-only. Possible values are: none, unknown, allowed, - * blocked, quarantined. + * Control user's ability to add accounts in work profile including Google accounts. Possible values are: + * allowAllExceptGoogleAccounts, blockAll, allowAll, unknownFutureValue. */ - exchangeAccessState?: DeviceManagementExchangeAccessState; + workProfileAccountUse?: AndroidWorkProfileAccountUse; + // Allow widgets from work profile apps. + workProfileAllowWidgets?: boolean; + // Block users from adding/removing accounts in work profile. + workProfileBlockAddingAccounts?: boolean; + // Block work profile camera. + workProfileBlockCamera?: boolean; + // Block display work profile caller ID in personal profile. + workProfileBlockCrossProfileCallerId?: boolean; + // Block work profile contacts availability in personal profile. + workProfileBlockCrossProfileContactsSearch?: boolean; + // Boolean that indicates if the setting disallow cross profile copy/paste is enabled. + workProfileBlockCrossProfileCopyPaste?: boolean; + // Indicates whether or not to block notifications while device locked. + workProfileBlockNotificationsWhileDeviceLocked?: boolean; + // Prevent app installations from unknown sources in the personal profile. + workProfileBlockPersonalAppInstallsFromUnknownSources?: boolean; + // Block screen capture in work profile. + workProfileBlockScreenCapture?: boolean; + // Allow bluetooth devices to access enterprise contacts. + workProfileBluetoothEnableContactSharing?: boolean; /** - * The reason for the device's access state in Exchange. This property is read-only. Possible values are: none, unknown, - * exchangeGlobalRule, exchangeIndividualRule, exchangeDeviceRule, exchangeUpgrade, exchangeMailboxPolicy, other, - * compliant, notCompliant, notEnrolled, unknownLocation, mfaRequired, azureADBlockDueToAccessPolicy, compromisedPassword, - * deviceNotKnownWithManagedApp. + * Type of data sharing that is allowed. Possible values are: deviceDefault, preventAny, allowPersonalToWork, + * noRestrictions. */ - exchangeAccessStateReason?: DeviceManagementExchangeAccessStateReason; - // Last time the device contacted Exchange. This property is read-only. - exchangeLastSuccessfulSyncDateTime?: string; - // Free Storage in Bytes. Default value is 0. Read-only. This property is read-only. - freeStorageSpaceInBytes?: number; + workProfileDataSharingType?: AndroidForWorkCrossProfileDataSharingType; + // Type of password that is required. Possible values are: deviceDefault, prompt, autoGrant, autoDeny. + workProfileDefaultAppPermissionPolicy?: AndroidForWorkDefaultAppPermissionPolicyType; + // Indicates whether or not to block face unlock for work profile. + workProfilePasswordBlockFaceUnlock?: boolean; + // Indicates whether or not to block fingerprint unlock for work profile. + workProfilePasswordBlockFingerprintUnlock?: boolean; + // Indicates whether or not to block iris unlock for work profile. + workProfilePasswordBlockIrisUnlock?: boolean; + // Indicates whether or not to block Smart Lock and other trust agents for work profile. + workProfilePasswordBlockTrustAgents?: boolean; + // Number of days before the work profile password expires. Valid values 1 to 365 + workProfilePasswordExpirationDays?: NullableOption; + // Minimum length of work profile password. Valid values 4 to 16 + workProfilePasswordMinimumLength?: NullableOption; + // Minimum # of letter characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinLetterCharacters?: NullableOption; + // Minimum # of lower-case characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinLowerCaseCharacters?: NullableOption; + // Minimum # of non-letter characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinNonLetterCharacters?: NullableOption; + // Minimum # of numeric characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinNumericCharacters?: NullableOption; + // Minimum # of symbols required in work profile password. Valid values 1 to 10 + workProfilePasswordMinSymbolCharacters?: NullableOption; + // Minimum # of upper-case characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinUpperCaseCharacters?: NullableOption; + // Minutes of inactivity before the screen times out. + workProfilePasswordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; + // Number of previous work profile passwords to block. Valid values 0 to 24 + workProfilePasswordPreviousPasswordBlockCount?: NullableOption; /** - * The hardward details for the device. Includes information such as storage space, manufacturer, serial number, etc. By - * default most property of this type are set to null/0/false and enum defaults for associated types. To retrieve actual - * values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not - * supported. Read-only. This property is read-only. + * Type of work profile password that is required. Possible values are: deviceDefault, lowSecurityBiometric, required, + * atLeastNumeric, numericComplex, atLeastAlphabetic, atLeastAlphanumeric, alphanumericWithSymbols. */ - hardwareInformation?: NullableOption; + workProfilePasswordRequiredType?: AndroidForWorkRequiredPasswordType; + // Number of sign in failures allowed before work profile is removed and all corporate data deleted. Valid values 1 to 16 + workProfilePasswordSignInFailureCountBeforeFactoryReset?: NullableOption; /** - * Integrated Circuit Card Identifier, it is A SIM card's unique identification number. Default is an empty string. To - * retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. - * $Search is not supported. Read-only. This property is read-only. + * Indicates the required work profile password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android 12+. Possible values are: none, low, medium, high. */ - iccid?: NullableOption; - // IMEI. This property is read-only. - imei?: NullableOption; - // Device encryption status. This property is read-only. - isEncrypted?: boolean; - // Device supervised status. This property is read-only. - isSupervised?: boolean; + workProfileRequiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Password is required or not for work profile + workProfileRequirePassword?: boolean; +} +// tslint:disable-next-line: no-empty-interface +export interface AndroidForWorkGmailEasConfiguration extends AndroidForWorkEasEmailProfileBase {} +export interface AndroidForWorkImportedPFXCertificateProfile extends AndroidCertificateProfileBase { /** - * Whether the device is jail broken or rooted. Default is an empty string. Supports $filter operator 'eq' and 'or'. This - * property is read-only. + * Intended Purpose of the Certificate Profile - which could be Unassigned, SmimeEncryption, SmimeSigning etc. Possible + * values are: unassigned, smimeEncryption, smimeSigning, vpn, wifi. */ - jailBroken?: NullableOption; - // Device join type. Possible values are: unknown, azureADJoined, azureADRegistered, hybridAzureADJoined. - joinType?: JoinType; + intendedPurpose?: IntendedPurpose; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidForWorkMobileAppConfiguration extends ManagedDeviceMobileAppConfiguration { + // Setting to specify whether to allow ConnectedApps experience for this app. + connectedAppsEnabled?: boolean; + // Android For Work app configuration package id. + packageId?: NullableOption; + // Android For Work app configuration JSON payload. + payloadJson?: NullableOption; + // List of Android app permissions and corresponding permission actions. + permissionActions?: NullableOption; /** - * The date and time that the device last completed a successful sync with Intune. Supports $filter operator 'lt' and - * 'gt'. This property is read-only. + * Android Enterprise profile applicability (AndroidWorkProfile, DeviceOwner, or default (applies to both)). Possible + * values are: default, androidWorkProfile, androidDeviceOwner. */ - lastSyncDateTime?: string; - // Indicates if Lost mode is enabled or disabled. This property is read-only. Possible values are: disabled, enabled. - lostModeState?: LostModeState; - // Automatically generated name to identify a device. Can be overwritten to a user friendly name. - managedDeviceName?: NullableOption; - // Ownership of the device. Can be 'company' or 'personal'. Possible values are: unknown, company, personal. - managedDeviceOwnerType?: ManagedDeviceOwnerType; + profileApplicability?: AndroidProfileApplicability; +} +export interface AndroidForWorkNineWorkEasConfiguration extends AndroidForWorkEasEmailProfileBase { + // Toggles syncing the calendar. If set to false the calendar is turned off on the device. + syncCalendar?: boolean; + // Toggles syncing contacts. If set to false contacts are turned off on the device. + syncContacts?: boolean; + // Toggles syncing tasks. If set to false tasks are turned off on the device. + syncTasks?: boolean; +} +export interface AndroidForWorkPkcsCertificateProfile extends AndroidForWorkCertificateProfileBase { + // PKCS Certificate Template Name + certificateTemplateName?: string; + // PKCS Certification Authority + certificationAuthority?: string; + // PKCS Certification Authority Name + certificationAuthorityName?: string; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidForWorkScepCertificateProfile extends AndroidForWorkCertificateProfileBase { + // Target store certificate. Possible values are: user, machine. + certificateStore?: NullableOption; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // SCEP Hash Algorithm. Possible values are: sha1, sha2. + hashAlgorithm?: HashAlgorithms; + // SCEP Key Size. Possible values are: size1024, size2048, size4096. + keySize?: KeySize; + // SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. + keyUsage?: KeyUsages; + // SCEP Server Url(s) + scepServerUrls?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; /** - * Management channel of the device. Examples: Intune, EAS, etc. Default is unknown. Supports $filter operator 'eq' and - * 'or'. This property is read-only. Possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, - * configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, - * googleCloudDevicePolicyController, microsoft365ManagedMdm, msSense, intuneAosp. + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US */ - managementAgent?: ManagementAgentType; - // Reports device management certificate expiration date. This property is read-only. - managementCertificateExpirationDate?: string; - // Device management features. Possible values are: none, microsoftManagedDesktop. - managementFeatures?: ManagedDeviceManagementFeatures; + subjectNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidForWorkSettings extends Entity { + // Bind status of the tenant with the Google EMM API. Possible values are: notBound, bound, boundAndValidated, unbinding. + bindStatus?: AndroidForWorkBindStatus; + // Indicates if this account is flighting for Android Device Owner Management with CloudDPC. + deviceOwnerManagementEnabled?: boolean; /** - * Management state of the device. Examples: Managed, RetirePending, etc. Default is managed. Supports $filter operator - * 'eq' and 'or'. This property is read-only. Possible values are: managed, retirePending, retireFailed, wipePending, - * wipeFailed, unhealthy, deletePending, retireIssued, wipeIssued, wipeCanceled, retireCanceled, discovered. + * Indicates which users can enroll devices in Android for Work device management. Possible values are: none, all, + * targeted, targetedAsEnrollmentRestrictions. */ - managementState?: ManagementState; - // Manufacturer of the device. This property is read-only. - manufacturer?: NullableOption; - // MEID. This property is read-only. - meid?: NullableOption; - // Model of the device. This property is read-only. - model?: NullableOption; + enrollmentTarget?: AndroidForWorkEnrollmentTarget; + // Last completion time for app sync + lastAppSyncDateTime?: NullableOption; /** - * Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with - * device id and included in select parameter. Supports: $select. $Search is not supported. + * Last application sync result. Possible values are: success, credentialsNotValid, androidForWorkApiError, + * managementServiceError, unknownError, none. */ - notes?: NullableOption; - // Operating system of the device. Windows, iOS, etc. This property is read-only. - operatingSystem?: NullableOption; - // Operating system version of the device. This property is read-only. - osVersion?: NullableOption; + lastAppSyncStatus?: AndroidForWorkSyncStatus; + // Last modification time for Android for Work settings + lastModifiedDateTime?: NullableOption; + // Organization name used when onboarding Android for Work + ownerOrganizationName?: NullableOption; + // Owner UPN that created the enterprise + ownerUserPrincipalName?: NullableOption; /** - * Ownership of the device. Possible values are, 'company' or 'personal'. Default is unknown. Supports $filter operator - * 'eq' and 'or'. Possible values are: unknown, company, personal. + * Specifies which AAD groups can enroll devices in Android for Work device management if enrollmentTarget is set to + * 'Targeted' */ - ownerType?: OwnerType; + targetGroupIds?: NullableOption; +} +export interface AndroidForWorkTrustedRootCertificate extends DeviceConfiguration { + // File name to display in UI. + certFileName?: NullableOption; + // Trusted Root Certificate + trustedRootCertificate?: string; +} +export interface AndroidForWorkVpnConfiguration extends DeviceConfiguration { + // Authentication method. Possible values are: certificate, usernameAndPassword, sharedSecret, derivedCredential, azureAD. + authenticationMethod?: VpnAuthenticationMethod; + // Connection name displayed to the user. + connectionName?: string; /** - * Indicates the threat state of a device when a Mobile Threat Defense partner is in use by the account and device. Read - * Only. This property is read-only. Possible values are: unknown, activated, deactivated, secured, lowSeverity, - * mediumSeverity, highSeverity, unresponsive, compromised, misconfigured. + * Connection type. Possible values are: ciscoAnyConnect, pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, + * checkPointCapsuleVpn, citrix. */ - partnerReportedThreatState?: ManagedDevicePartnerReportedHealthState; - // Phone number of the device. This property is read-only. - phoneNumber?: NullableOption; + connectionType?: AndroidForWorkVpnConnectionType; + // Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements. + customData?: NullableOption; + // Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements. + customKeyValueData?: NullableOption; /** - * Total Memory in Bytes. Default is 0. To retrieve actual values GET call needs to be made, with device id and included - * in select parameter. Supports: $select. Read-only. This property is read-only. + * Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when + * connection type is Check Point Capsule VPN. */ - physicalMemoryInBytes?: number; + fingerprint?: NullableOption; + // Realm when connection type is set to Pulse Secure. + realm?: NullableOption; + // Role when connection type is set to Pulse Secure. + role?: NullableOption; /** - * Reports the DateTime the preferMdmOverGroupPolicy setting was set. When set, the Intune MDM settings will override - * Group Policy settings if there is a conflict. Read Only. This property is read-only. + * List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain + * a maximum of 500 elements. */ - preferMdmOverGroupPolicyAppliedDateTime?: string; - // Processor architecture. This property is read-only. Possible values are: unknown, x86, x64, arm, arM64. - processorArchitecture?: ManagedDeviceArchitecture; - // An error string that identifies issues when creating Remote Assistance session objects. This property is read-only. - remoteAssistanceSessionErrorDetails?: NullableOption; + servers?: VpnServer[]; + // Identity certificate for client authentication when authentication method is certificate. + identityCertificate?: NullableOption; +} +export interface AndroidForWorkWiFiConfiguration extends DeviceConfiguration { /** - * Url that allows a Remote Assistance session to be established with the device. Default is an empty string. To retrieve - * actual values GET call needs to be made, with device id and included in select parameter. This property is read-only. + * Connect automatically when this network is in range. Setting this to true will skip the user prompt and automatically + * connect the device to Wi-Fi network. */ - remoteAssistanceSessionUrl?: NullableOption; - // Reports if the managed iOS device is user approval enrollment. This property is read-only. - requireUserEnrollmentApproval?: NullableOption; - // Indicates the time after when a device will be auto retired because of scheduled action. This property is read-only. - retireAfterDateTime?: string; - // List of Scope Tag IDs for this Device instance. - roleScopeTagIds?: NullableOption; + connectAutomatically?: boolean; /** - * This indicates the security patch level of the operating system. These special updates contain important security - * fixes. For iOS/MacOS they are in (a) format. For android its in 2017-08-07 format. This property is read-only. + * When set to true, this profile forces the device to connect to a network that doesn't broadcast its SSID to all + * devices. */ - securityPatchLevel?: NullableOption; - // SerialNumber. This property is read-only. - serialNumber?: NullableOption; - // Device sku family - skuFamily?: NullableOption; + connectWhenNetworkNameIsHidden?: boolean; + // Network Name + networkName?: string; + // This is the name of the Wi-Fi network that is broadcast to all devices. + ssid?: string; /** - * Device sku number, see also: https://learn.microsoft.com/windows/win32/api/sysinfoapi/nf-sysinfoapi-getproductinfo. - * Valid values 0 to 2147483647. This property is read-only. + * Indicates whether Wi-Fi endpoint uses an EAP based security type. Possible values are: open, wpaEnterprise, + * wpa2Enterprise. */ - skuNumber?: number; - // Specification version. This property is read-only. - specificationVersion?: NullableOption; - // Subscriber Carrier. This property is read-only. - subscriberCarrier?: NullableOption; - // Total Storage in Bytes. This property is read-only. - totalStorageSpaceInBytes?: number; + wiFiSecurityType?: AndroidWiFiSecurityType; +} +export interface AndroidGeneralDeviceConfiguration extends DeviceConfiguration { + // Indicates whether or not to block clipboard sharing to copy and paste between applications. + appsBlockClipboardSharing?: boolean; + // Indicates whether or not to block copy and paste within applications. + appsBlockCopyPaste?: boolean; + // Indicates whether or not to block the YouTube app. + appsBlockYouTube?: boolean; + // List of apps to be hidden on the KNOX device. This collection can contain a maximum of 500 elements. + appsHideList?: NullableOption; + // List of apps which can be installed on the KNOX device. This collection can contain a maximum of 500 elements. + appsInstallAllowList?: NullableOption; /** - * Unique Device Identifier for iOS and macOS devices. Default is an empty string. To retrieve actual values GET call - * needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported. - * Read-only. This property is read-only. + * List of apps which are blocked from being launched on the KNOX device. This collection can contain a maximum of 500 + * elements. */ - udid?: NullableOption; - // User display name. This property is read-only. - userDisplayName?: NullableOption; - // Unique Identifier for the user associated with the device. This property is read-only. - userId?: NullableOption; - // Device user principal name. This property is read-only. - userPrincipalName?: NullableOption; - // Indicates the last logged on users of a device. This property is read-only. - usersLoggedOn?: NullableOption; - // Wi-Fi MAC. This property is read-only. - wiFiMacAddress?: NullableOption; + appsLaunchBlockList?: NullableOption; + // Indicates whether or not to block Bluetooth. + bluetoothBlocked?: boolean; + // Indicates whether or not to block the use of the camera. + cameraBlocked?: boolean; + // Indicates whether or not to block data roaming. + cellularBlockDataRoaming?: boolean; + // Indicates whether or not to block SMS/MMS messaging. + cellularBlockMessaging?: boolean; + // Indicates whether or not to block voice roaming. + cellularBlockVoiceRoaming?: boolean; + // Indicates whether or not to block syncing Wi-Fi tethering. + cellularBlockWiFiTethering?: boolean; + // Type of list that is in the CompliantAppsList. Possible values are: none, appsInListCompliant, appsNotInListCompliant. + compliantAppListType?: AppListType; /** - * Count of active malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, - * with device id and included in select parameter. This property is read-only. + * List of apps in the compliance (either allow list or block list, controlled by CompliantAppListType). This collection + * can contain a maximum of 10000 elements. */ - windowsActiveMalwareCount?: number; + compliantAppsList?: NullableOption; + // Indicates whether or not to block changing date and time while in KNOX Mode. + dateAndTimeBlockChanges?: boolean; + // Indicates whether or not to allow device sharing mode. + deviceSharingAllowed?: boolean; + // Indicates whether or not to block diagnostic data submission. + diagnosticDataBlockSubmission?: boolean; + // Indicates whether or not to block user performing a factory reset. + factoryResetBlocked?: boolean; + // Indicates whether or not to block Google account auto sync. + googleAccountBlockAutoSync?: boolean; + // Indicates whether or not to block the Google Play store. + googlePlayStoreBlocked?: boolean; /** - * Count of remediated malware for this windows device. Default is 0. To retrieve actual values GET call needs to be made, - * with device id and included in select parameter. This property is read-only. + * A list of apps that will be allowed to run when the device is in Kiosk Mode. This collection can contain a maximum of + * 500 elements. */ - windowsRemediatedMalwareCount?: number; - // Managed device mobile app configuration states for this device. - assignmentFilterEvaluationStatusDetails?: NullableOption; - // Device compliance policy states for this device. - deviceCompliancePolicyStates?: NullableOption; - // Device configuration states for this device. - deviceConfigurationStates?: NullableOption; - // Managed device mobile app configuration states for this device. - managedDeviceMobileAppConfigurationStates?: NullableOption; - // Security baseline states for this device. - securityBaselineStates?: NullableOption; - // All applications currently installed on the device - detectedApps?: NullableOption; - // Device category - deviceCategory?: NullableOption; - // Results of device health scripts that ran for this device. Default is empty list. This property is read-only. - deviceHealthScriptStates?: NullableOption; - // List of log collection requests - logCollectionRequests?: NullableOption; - // The primary users associated with the managed device. - users?: NullableOption; - // The device protection status. This property is read-only. - windowsProtectionState?: NullableOption; -} -export interface ManagedAppRegistration extends Entity { - // The app package Identifier - appIdentifier?: NullableOption; - // App version - applicationVersion?: NullableOption; + kioskModeApps?: NullableOption; + // Indicates whether or not to block the screen sleep button while in Kiosk Mode. + kioskModeBlockSleepButton?: boolean; + // Indicates whether or not to block the volume buttons while in Kiosk Mode. + kioskModeBlockVolumeButtons?: boolean; + // Indicates whether or not to block location services. + locationServicesBlocked?: boolean; + // Indicates whether or not to block Near-Field Communication. + nfcBlocked?: boolean; + // Indicates whether or not to block fingerprint unlock. + passwordBlockFingerprintUnlock?: boolean; + // Indicates whether or not to block Smart Lock and other trust agents. + passwordBlockTrustAgents?: boolean; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum length of passwords. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before the screen times out. + passwordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; + // Number of previous passwords to block. Valid values 0 to 24 + passwordPreviousPasswordBlockCount?: NullableOption; + // Indicates whether or not to require a password. + passwordRequired?: boolean; /** - * The Azure Active Directory Device identifier of the host device. Value could be empty even when the host device is - * Azure Active Directory registered. + * Type of password that is required. Possible values are: deviceDefault, alphabetic, alphanumeric, + * alphanumericWithSymbols, lowSecurityBiometric, numeric, numericComplex, any. */ - azureADDeviceId?: NullableOption; - // Date and time of creation - createdDateTime?: string; - // The device manufacturer for the current app registration - deviceManufacturer?: NullableOption; - // The device model for the current app registration - deviceModel?: NullableOption; - // Host device name - deviceName?: NullableOption; + passwordRequiredType?: AndroidRequiredPasswordType; + // Number of sign in failures allowed before factory reset. Valid values 1 to 16 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; + // Indicates whether or not to block powering off the device. + powerOffBlocked?: boolean; /** - * App management SDK generated tag, which helps relate apps hosted on the same device. Not guaranteed to relate apps in - * all conditions. + * Indicates the required password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is an API targeted to + * Android 11+. Possible values are: none, low, medium, high. */ - deviceTag?: NullableOption; - // Host device type - deviceType?: NullableOption; - // Zero or more reasons an app registration is flagged. E.g. app running on rooted device - flaggedReasons?: ManagedAppFlaggedReason[]; - // Date and time of last the app synced with management service. - lastSyncDateTime?: string; - // The Managed Device identifier of the host device. Value could be empty even when the host device is managed. - managedDeviceId?: NullableOption; - // App management SDK version - managementSdkVersion?: NullableOption; - // Operating System version - platformVersion?: NullableOption; - // The user Id to who this app registration belongs. - userId?: NullableOption; - // Version of the entity. - version?: NullableOption; - // Zero or more policys already applied on the registered app when it last synchronized with managment service. - appliedPolicies?: NullableOption; - // Zero or more policies admin intended for the app as of now. - intendedPolicies?: NullableOption; - // Zero or more long running operations triggered on the app registration. - operations?: NullableOption; -} -export interface WindowsInformationProtectionDeviceRegistration extends Entity { - // Device Mac address. - deviceMacAddress?: NullableOption; - // Device name. - deviceName?: NullableOption; - // Device identifier for this device registration record. - deviceRegistrationId?: NullableOption; - // Device type, for example, Windows laptop VS Windows phone. - deviceType?: NullableOption; - // Last checkin time of the device. - lastCheckInDateTime?: string; - // UserId associated with this device registration record. - userId?: NullableOption; -} -export interface DeviceManagementTroubleshootingEvent extends Entity { - // A set of string key and string value pairs which provides additional information on the Troubleshooting event - additionalInformation?: NullableOption; - // Id used for tracing the failure in the service. - correlationId?: NullableOption; - // Time when the event occurred . - eventDateTime?: string; - // Event Name corresponding to the Troubleshooting Event. It is an Optional field - eventName?: NullableOption; - // Object containing detailed information about the error and its remediation. - troubleshootingErrorDetails?: NullableOption; -} -export interface MobileAppIntentAndState extends Entity { - // Device identifier created or collected by Intune. - managedDeviceIdentifier?: NullableOption; - // The list of payload intents and states for the tenant. - mobileAppList?: NullableOption; - // Identifier for the user that tried to enroll the device. - userId?: NullableOption; -} -export interface MobileAppTroubleshootingEvent extends DeviceManagementTroubleshootingEvent { - // Intune application identifier. - applicationId?: NullableOption; - // Device identifier created or collected by Intune. - deviceId?: NullableOption; - // Intune Mobile Application Troubleshooting History Item - history?: NullableOption; - // Device identifier created or collected by Intune. - managedDeviceIdentifier?: NullableOption; - // Identifier for the user that tried to enroll the device. - userId?: NullableOption; - // The collection property of AppLogUploadRequest. - appLogCollectionRequests?: NullableOption; -} -export interface Notification extends Entity { + requiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Indicates whether or not to block screenshots. + screenCaptureBlocked?: boolean; + // Require the Android Verify apps feature is turned on. + securityRequireVerifyApps?: boolean; + // Indicates whether or not to block Google Backup. + storageBlockGoogleBackup?: boolean; + // Indicates whether or not to block removable storage usage. + storageBlockRemovableStorage?: boolean; + // Indicates whether or not to require device encryption. + storageRequireDeviceEncryption?: boolean; + // Indicates whether or not to require removable storage encryption. + storageRequireRemovableStorageEncryption?: boolean; + // Indicates whether or not to block the use of the Voice Assistant. + voiceAssistantBlocked?: boolean; + // Indicates whether or not to block voice dialing. + voiceDialingBlocked?: boolean; + // Indicates whether or not to block the web browser's auto fill feature. + webBrowserBlockAutofill?: boolean; + // Indicates whether or not to block the web browser. + webBrowserBlocked?: boolean; + // Indicates whether or not to block JavaScript within the web browser. + webBrowserBlockJavaScript?: boolean; + // Indicates whether or not to block popups within the web browser. + webBrowserBlockPopups?: boolean; /** - * Sets how long (in seconds) this notification content stays in each platform's notification viewer. For example, when - * the notification is delivered to a Windows device, the value of this property is passed on to - * ToastNotification.ExpirationTime, which determines how long the toast notification stays in the user's Windows Action - * Center. + * Cookie settings within the web browser. Possible values are: browserDefault, blockAlways, allowCurrentWebSite, + * allowFromWebsitesVisited, allowAlways. */ - displayTimeToLive?: NullableOption; + webBrowserCookieSettings?: WebBrowserCookieSettings; + // Indicates whether or not to block syncing Wi-Fi. + wiFiBlocked?: boolean; +} +export interface AndroidImportedPFXCertificateProfile extends AndroidCertificateProfileBase { /** - * Sets a UTC expiration date and time on a user notification using ISO 8601 format (for example, midnight UTC on Jan 1, - * 2019 would look like this: '2019-01-01T00:00:00Z'). When time is up, the notification is removed from the Microsoft - * Graph notification feed store completely and is no longer part of notification history. Max value is 30 days. + * Intended Purpose of the Certificate Profile - which could be Unassigned, SmimeEncryption, SmimeSigning etc. Possible + * values are: unassigned, smimeEncryption, smimeSigning, vpn, wifi. */ - expirationDateTime?: NullableOption; + intendedPurpose?: IntendedPurpose; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidLobApp extends MobileLobApp { + // The value for the minimum applicable operating system. + minimumSupportedOperatingSystem?: NullableOption; + // The package identifier. + packageId?: NullableOption; /** - * The name of the group that this notification belongs to. It is set by the developer for grouping notifications - * together. + * The platforms to which the application can be targeted. If not specified, will defauilt to Android Device + * Administrator. Possible values are: androidDeviceAdministrator, androidOpenSourceProject, unknownFutureValue. */ - groupName?: NullableOption; + targetedPlatforms?: AndroidTargetedPlatforms; + // The version code of Android Line of Business (LoB) app. + versionCode?: NullableOption; + // The version name of Android Line of Business (LoB) app. + versionName?: NullableOption; +} +export interface AndroidManagedAppProtection extends TargetedManagedAppProtection { + // Semicolon seperated list of device manufacturers allowed, as a string, for the managed app to work. + allowedAndroidDeviceManufacturers?: NullableOption; + // List of device models allowed, as a string, for the managed app to work. + allowedAndroidDeviceModels?: NullableOption; /** - * This is the data content of a raw or visual user notification that will be delivered to and consumed by the app client - * receiving this notification. + * Defines a managed app behavior, either block or warn, if the user is clocked out (non-working time). Possible values + * are: block, wipe, warn. */ - payload?: PayloadTypes; + appActionIfAccountIsClockedOut?: NullableOption; /** - * Indicates the priority of a raw user notification. Visual notifications are sent with high priority by default. Valid - * values are None, High and Low. + * Defines a managed app behavior, either block or wipe, if the specified device manufacturer is not allowed. Possible + * values are: block, wipe, warn. */ - priority?: NullableOption; + appActionIfAndroidDeviceManufacturerNotAllowed?: ManagedAppRemediationAction; /** - * Represents the host name of the app to which the calling service wants to post the notification, for the given user. If - * targeting web endpoints (see targetPolicy.platformTypes), ensure that targetHostName is the same as the name used when - * creating a subscription on the client side within the application JSON property. + * Defines a managed app behavior, either block or wipe, if the specified device model is not allowed. Possible values + * are: block, wipe, warn. */ - targetHostName?: string; + appActionIfAndroidDeviceModelNotAllowed?: ManagedAppRemediationAction; /** - * Target policy object handles notification delivery policy for endpoint types that should be targeted (Windows, iOS, - * Android and WebPush) for the given user. + * Defines a managed app behavior, either warn or block, if the specified Android App Verification requirment fails. + * Possible values are: block, wipe, warn. */ - targetPolicy?: NullableOption; -} -// tslint:disable-next-line: no-empty-interface -export interface PlannerDelta extends Entity {} -export interface PlannerUser extends PlannerDelta { - // A collection that contains the references to the plans that the user has marked as favorites. - favoritePlanReferences?: NullableOption; + appActionIfAndroidSafetyNetAppsVerificationFailed?: ManagedAppRemediationAction; /** - * A collection that contains references to the plans that were viewed recently by the user in apps that support recent - * plans. + * Defines a managed app behavior, either warn or block, if the specified Android SafetyNet Attestation requirment fails. + * Possible values are: block, wipe, warn. */ - recentPlanReferences?: NullableOption; - all?: NullableOption; - // Read-only. Nullable. Returns the plannerPlans that the user marked as favorites. - favoritePlans?: NullableOption; - plans?: NullableOption; + appActionIfAndroidSafetyNetDeviceAttestationFailed?: ManagedAppRemediationAction; /** - * Read-only. Nullable. Returns the plannerPlans that have been recently viewed by the user in apps that support recent - * plans. + * Defines a managed app behavior, either warn, block or wipe, if the screen lock is required on android device but is not + * set. Possible values are: block, wipe, warn. */ - recentPlans?: NullableOption; - // Read-only. Nullable. Returns the plannerPlans contained by the plannerRosters the user is a member. - rosterPlans?: NullableOption; - // Read-only. Nullable. Returns the plannerTasks assigned to the user. - tasks?: NullableOption; -} -export interface OfficeGraphInsights extends Entity { - // Access this property from the derived type itemInsights. - shared?: NullableOption; - // Access this property from the derived type itemInsights. - trending?: NullableOption; - // Access this property from the derived type itemInsights. - used?: NullableOption; -} -// tslint:disable-next-line: interface-name no-empty-interface -export interface ItemInsights extends OfficeGraphInsights {} -export interface UserSettings extends Entity { + appActionIfDeviceLockNotSet?: ManagedAppRemediationAction; /** - * Reflects the Office Delve organization level setting. When set to true, the organization doesn't have access to Office - * Delve. This setting is read-only and can only be changed by administrators in the SharePoint admin center. + * If the device does not have a passcode of high complexity or higher, trigger the stored action. Possible values are: + * block, wipe, warn. */ - contributionToContentDiscoveryAsOrganizationDisabled?: boolean; - // When set to true, documents in the user's Office Delve are disabled. Users can control this setting in Office Delve. - contributionToContentDiscoveryDisabled?: boolean; + appActionIfDevicePasscodeComplexityLessThanHigh?: NullableOption; /** - * The user's settings for the visibility of meeting hour insights, and insights derived between a user and other items in - * Microsoft 365, such as documents or sites. Get userInsightsSettings through this navigation property. + * If the device does not have a passcode of low complexity or higher, trigger the stored action. Possible values are: + * block, wipe, warn. */ - itemInsights?: NullableOption; - // The user's settings for the visibility of merge suggestion for the duplicate contacts in the user's contact list. - contactMergeSuggestions?: NullableOption; - // The user's preferences for languages, regional locale and date/time formatting. - regionalAndLanguageSettings?: NullableOption; - // The shift preferences for the user. - shiftPreferences?: NullableOption; -} -export interface Profile extends Entity { - account?: NullableOption; - // Represents details of addresses associated with the user. - addresses?: NullableOption; - // Represents the details of meaningful dates associated with a person. - anniversaries?: NullableOption; - // Represents the details of awards or honors associated with a person. - awards?: NullableOption; - // Represents the details of certifications associated with a person. - certifications?: NullableOption; + appActionIfDevicePasscodeComplexityLessThanLow?: NullableOption; /** - * Represents data that a user has supplied related to undergraduate, graduate, postgraduate or other educational - * activities. + * If the device does not have a passcode of medium complexity or higher, trigger the stored action. Possible values are: + * block, wipe, warn. */ - educationalActivities?: NullableOption; - // Represents detailed information about email addresses associated with the user. - emails?: NullableOption; - // Provides detailed information about interests the user has associated with themselves in various services. - interests?: NullableOption; - // Represents detailed information about languages that a user has added to their profile. - languages?: NullableOption; - // Represents the names a user has added to their profile. - names?: NullableOption; - // Represents notes that a user has added to their profile. - notes?: NullableOption; - // Represents patents that a user has added to their profile. - patents?: NullableOption; - // Represents detailed information about phone numbers associated with a user in various services. - phones?: NullableOption; - // Represents detailed information about work positions associated with a user's profile. - positions?: NullableOption; - // Represents detailed information about projects associated with a user. - projects?: NullableOption; - // Represents details of any publications a user has added to their profile. - publications?: NullableOption; - // Represents detailed information about skills associated with a user in various services. - skills?: NullableOption; - // Represents web accounts the user has indicated they use or has added to their user profile. - webAccounts?: NullableOption; - // Represents detailed information about websites associated with a user in various services. - websites?: NullableOption; -} -export interface UserActivity extends Entity { + appActionIfDevicePasscodeComplexityLessThanMedium?: NullableOption; /** - * Required. URL used to launch the activity in the best native experience represented by the appId. Might launch a - * web-based app if no native app exists. + * Defines the behavior of a managed app when Samsung Knox Attestation is required. Possible values are null, warn, block + * & wipe. If the admin does not set this action, the default is null, which indicates this setting is not configured. + * Possible values are: block, wipe, warn. */ - activationUrl?: string; + appActionIfSamsungKnoxAttestationRequired?: NullableOption; /** - * Required. URL for the domain representing the cross-platform identity mapping for the app. Mapping is stored either as - * a JSON file hosted on the domain or configurable via Windows Dev Center. The JSON file is named - * cross-platform-app-identifiers and is hosted at root of your HTTPS domain, either at the top level domain or include a - * sub domain. For example: https://contoso.com or https://myapp.contoso.com but NOT https://myapp.contoso.com/somepath. - * You must have a unique file and domain (or sub domain) per cross-platform app identity. For example, a separate file - * and domain is needed for Word vs. PowerPoint. + * If Keyboard Restriction is enabled, only keyboards in this approved list will be allowed. A key should be Android + * package id for a keyboard and value should be a friendly name */ - activitySourceHost?: string; - // Required. The unique activity ID in the context of the app - supplied by caller and immutable thereafter. - appActivityId?: string; + approvedKeyboards?: NullableOption; + // Indicates whether use of the biometric authentication is allowed in place of a pin if PinRequired is set to True. + biometricAuthenticationBlocked?: boolean; + // Maximum number of days Company Portal update can be deferred on the device or app access will be blocked. + blockAfterCompanyPortalUpdateDeferralInDays?: number; + // Whether the app should connect to the configured VPN on launch. + connectToVpnOnLaunch?: boolean; + // Friendly name of the preferred custom browser to open weblink on Android. + customBrowserDisplayName?: NullableOption; + // Unique identifier of a custom browser to open weblink on Android. + customBrowserPackageId?: NullableOption; + // Friendly name of a custom dialer app to click-to-open a phone number on Android. + customDialerAppDisplayName?: NullableOption; + // PackageId of a custom dialer app to click-to-open a phone number on Android. + customDialerAppPackageId?: NullableOption; + // Count of apps to which the current policy is deployed. + deployedAppCount?: number; + // Defines if any kind of lock must be required on android device + deviceLockRequired?: boolean; + // When this setting is enabled, app level encryption is disabled if device level encryption is enabled + disableAppEncryptionIfDeviceEncryptionIsEnabled?: boolean; + // Indicates whether application data for managed apps should be encrypted + encryptAppData?: boolean; + // App packages in this list will be exempt from the policy and will be able to receive data from managed apps. + exemptedAppPackages?: NullableOption; /** - * Optional. Short text description of the app used to generate the activity for use in cases when the app is not - * installed on the user’s local device. + * If null, this setting will be ignored. If false both fingerprints and biometrics will not be enabled. If true, both + * fingerprints and biometrics will be enabled. */ - appDisplayName?: NullableOption; - // Optional. A custom piece of data - JSON-LD extensible description of content according to schema.org syntax. - contentInfo?: NullableOption; + fingerprintAndBiometricEnabled?: NullableOption; + // Indicates if keyboard restriction is enabled. If enabled list of approved keyboards must be provided as well. + keyboardsRestricted?: boolean; /** - * Optional. Used in the event the content can be rendered outside of a native or web-based app experience (for example, a - * pointer to an item in an RSS feed). + * When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this + * value defines the app name which is allowed to be used. */ - contentUrl?: NullableOption; - // Set by the server. DateTime in UTC when the object was created on the server. - createdDateTime?: NullableOption; - // Set by the server. DateTime in UTC when the object expired on the server. - expirationDateTime?: NullableOption; - // Optional. URL used to launch the activity in a web-based app, if available. - fallbackUrl?: NullableOption; - // Set by the server. DateTime in UTC when the object was modified on the server. - lastModifiedDateTime?: NullableOption; - // Set by the server. A status code used to identify valid objects. Values: active, updated, deleted, ignored. - status?: NullableOption; + messagingRedirectAppDisplayName?: NullableOption; /** - * Optional. The timezone in which the user's device used to generate the activity was located at activity creation time; - * values supplied as Olson IDs in order to support cross-platform representation. + * When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this + * value defines the app package id which is allowed to be used. */ - userTimezone?: NullableOption; - // Required. The object containing information to render the activity in the UX. - visualElements?: VisualInfo; - // Optional. NavigationProperty/Containment; navigation property to the activity's historyItems. - historyItems?: NullableOption; -} -export interface Device extends DirectoryObject { + messagingRedirectAppPackageId?: NullableOption; + // Minimum version of the Company portal that must be installed on the device or app access will be blocked + minimumRequiredCompanyPortalVersion?: NullableOption; + // Define the oldest required Android security patch level a user can have to gain secure access to the app. + minimumRequiredPatchVersion?: NullableOption; + // Minimum version of the Company portal that must be installed on the device or the user will receive a warning + minimumWarningCompanyPortalVersion?: NullableOption; + // Define the oldest recommended Android security patch level a user can have for secure access to the app. + minimumWarningPatchVersion?: NullableOption; + // Minimum version of the Company portal that must be installed on the device or the company data on the app will be wiped + minimumWipeCompanyPortalVersion?: NullableOption; /** - * true if the account is enabled; otherwise, false. Default is true. Supports $filter (eq, ne, not, in). Only callers in - * Global Administrator and Cloud Device Administrator roles can set this property. + * Android security patch level less than or equal to the specified value will wipe the managed app and the associated + * company data. */ - accountEnabled?: NullableOption; - // For internal use only. Not nullable. Supports $filter (eq, not, ge, le). - alternativeSecurityIds?: AlternativeSecurityId[]; + minimumWipePatchVersion?: NullableOption; + // Require user to apply Class 3 Biometrics on their Android device. + requireClass3Biometrics?: boolean; /** - * The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null - * values) and $orderby. + * Defines the Android SafetyNet Apps Verification requirement for a managed app to work. Possible values are: none, + * enabled. */ - approximateLastSignInDateTime?: NullableOption; + requiredAndroidSafetyNetAppsVerificationType?: AndroidManagedAppSafetyNetAppsVerificationType; /** - * The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information - * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. - * Read-only. + * Defines the Android SafetyNet Device Attestation requirement for a managed app to work. Possible values are: none, + * basicIntegrity, basicIntegrityAndDeviceCertification. */ - complianceExpirationDateTime?: NullableOption; - // User-defined property set by Intune to automatically add devices to groups and simplify managing devices. - deviceCategory?: NullableOption; + requiredAndroidSafetyNetDeviceAttestationType?: AndroidManagedAppSafetyNetDeviceAttestationType; /** - * Unique Identifier set by Azure Device Registration Service at the time of registration. This is an alternate key that - * can be used to reference the device object. Also Supports $filter (eq, ne, not, startsWith). + * Defines the Android SafetyNet evaluation type requirement for a managed app to work. Possible values are: basic, + * hardwareBacked. */ - deviceId?: NullableOption; - // For internal use only. Set to null. - deviceMetadata?: NullableOption; - // Ownership of the device. This property is set by Intune. Possible values are: unknown, company, personal. - deviceOwnership?: NullableOption; - // For internal use only. - deviceVersion?: NullableOption; + requiredAndroidSafetyNetEvaluationType?: AndroidManagedAppSafetyNetEvaluationType; + // A PIN prompt will override biometric prompts if class 3 biometrics are updated on the device. + requirePinAfterBiometricChange?: boolean; + // Indicates whether a managed user can take screen captures of managed apps + screenCaptureBlocked?: boolean; + // Maximum number of days Company Portal update can be deferred on the device or the user will receive the warning + warnAfterCompanyPortalUpdateDeferralInDays?: number; + // Maximum number of days Company Portal update can be deferred on the device or the company data on the app will be wiped + wipeAfterCompanyPortalUpdateDeferralInDays?: number; + // List of apps to which the policy is deployed. + apps?: NullableOption; + // Navigation property to deployment summary of the configuration. + deploymentSummary?: NullableOption; +} +export interface AndroidManagedAppRegistration extends ManagedAppRegistration { + // The patch version for the current android app registration + patchVersion?: NullableOption; +} +export interface AndroidManagedStoreAccountEnterpriseSettings extends Entity { + // Company codes for AndroidManagedStoreAccountEnterpriseSettings + androidDeviceOwnerFullyManagedEnrollmentEnabled?: boolean; + // Bind status of the tenant with the Google EMM API. Possible values are: notBound, bound, boundAndValidated, unbinding. + bindStatus?: AndroidManagedStoreAccountBindStatus; + // Company codes for AndroidManagedStoreAccountEnterpriseSettings + companyCodes?: NullableOption; + // Indicates if this account is flighting for Android Device Owner Management with CloudDPC. + deviceOwnerManagementEnabled?: boolean; /** - * The display name for the device. Required. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null - * values), $search, and $orderby. + * Indicates which users can enroll devices in Android Enterprise device management. Possible values are: none, all, + * targeted, targetedAsEnrollmentRestrictions. */ - displayName?: NullableOption; - // The on-premises domain name of Microsoft Entra hybrid joined devices. This property is set by Intune. - domainName?: NullableOption; + enrollmentTarget?: AndroidManagedStoreAccountEnrollmentTarget; + // Last completion time for app sync + lastAppSyncDateTime?: NullableOption; /** - * Enrollment profile applied to the device. For example, Apple Device Enrollment Profile, Device enrollment - Corporate - * device identifiers, or Windows Autopilot profile name. This property is set by Intune. + * Last application sync result. Possible values are: success, credentialsNotValid, androidForWorkApiError, + * managementServiceError, unknownError, none. */ - enrollmentProfileName?: NullableOption; + lastAppSyncStatus?: AndroidManagedStoreAccountAppSyncStatus; + // Last modification time for Android enterprise settings + lastModifiedDateTime?: NullableOption; + // Initial scope tags for MGP apps + managedGooglePlayInitialScopeTagIds?: NullableOption; + // Organization name used when onboarding Android Enterprise + ownerOrganizationName?: NullableOption; + // Owner UPN that created the enterprise + ownerUserPrincipalName?: NullableOption; /** - * Enrollment type of the device. This property is set by Intune. Possible values are: unknown, userEnrollment, - * deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, - * windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement. + * Specifies which AAD groups can enroll devices in Android for Work device management if enrollmentTarget is set to + * 'Targeted' */ - enrollmentType?: NullableOption; + targetGroupIds?: NullableOption; +} +export interface AndroidManagedStoreApp extends MobileApp { + // The Identity Name. + appIdentifier?: NullableOption; + // The Play for Work Store app URL. This property is read-only. + appStoreUrl?: NullableOption; + // The tracks that are visible to this enterprise. This property is read-only. + appTracks?: NullableOption; + // Indicates whether the app is only available to a given enterprise's users. This property is read-only. + isPrivate?: boolean; + // Indicates whether the app is a preinstalled system app. + isSystemApp?: boolean; + // The package identifier. This property is read-only. + packageId?: NullableOption; + // Whether this app supports OEMConfig policy. This property is read-only. + supportsOemConfig?: boolean; + // The total number of VPP licenses. This property is read-only. + totalLicenseCount?: number; + // The number of VPP licenses in use. This property is read-only. + usedLicenseCount?: number; +} +export interface AndroidManagedStoreAppConfiguration extends ManagedDeviceMobileAppConfiguration { + // Whether or not this AppConfig is an OEMConfig policy. This property is read-only. + appSupportsOemConfig?: boolean; + // Setting to specify whether to allow ConnectedApps experience for this app. + connectedAppsEnabled?: boolean; + // Android Enterprise app configuration package id. + packageId?: NullableOption; + // Android Enterprise app configuration JSON payload. + payloadJson?: NullableOption; + // List of Android app permissions and corresponding permission actions. + permissionActions?: NullableOption; /** - * Contains extension attributes 1-15 for the device. The individual extension attributes are not selectable. These - * properties are mastered in cloud and can be set during creation or update of a device object in Microsoft Entra ID. - * Supports $filter (eq, not, startsWith, and eq on null values). + * Android Enterprise profile applicability (AndroidWorkProfile, DeviceOwner, or default (applies to both)). Possible + * values are: default, androidWorkProfile, androidDeviceOwner. */ - extensionAttributes?: NullableOption; - // List of host names for the device. - hostnames?: NullableOption; + profileApplicability?: AndroidProfileApplicability; +} +export interface AndroidManagedStoreAppConfigurationSchema extends Entity { /** - * true if the device complies with Mobile Device Management (MDM) policies; otherwise, false. Read-only. This can only be - * updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, - * not). + * UTF8 encoded byte array containing example JSON string conforming to this schema that demonstrates how to set the + * configuration for this app */ - isCompliant?: NullableOption; + exampleJson?: NullableOption; /** - * true if the device is managed by a Mobile Device Management (MDM) app; otherwise, false. This can only be updated by - * Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). + * Collection of items each representing a named configuration option in the schema. It contains a flat list of all + * configuration. */ - isManaged?: NullableOption; + nestedSchemaItems?: NullableOption; /** - * Indicates whether the device is a member of a restricted management administrative unit, in which case it requires a - * role scoped to the restricted administrative unit to manage. The default value is false. Read-only. To manage a device - * that's a member of a restricted administrative unit, the calling app must be assigned the Directory.Write.Restricted - * permission. For delegated scenarios, the administrators must also be explicitly assigned supported roles at the - * restricted administrative unit scope. + * Collection of items each representing a named configuration option in the schema. It only contains the root-level + * configuration. */ - isManagementRestricted?: NullableOption; - // true if device is rooted; false if device is jail-broken. This can only be updated by Intune. - isRooted?: NullableOption; + schemaItems?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface AndroidManagedStoreWebApp extends AndroidManagedStoreApp {} +export interface AndroidOmaCpConfiguration extends DeviceConfiguration { /** - * Management channel of the device. This property is set by Intune. Possible values are: eas, mdm, easMdm, intuneClient, - * easIntuneClient, configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, - * jamf, googleCloudDevicePolicyController. + * Configuration XML that will be applied to the device. When it is read, it only provides a placeholder string since the + * original data is encrypted and stored. */ - managementType?: NullableOption; - // Application identifier used to register device into MDM. Read-only. Supports $filter (eq, ne, not, startsWith). - mdmAppId?: NullableOption; + configurationXml?: string; +} +export interface AndroidPkcsCertificateProfile extends AndroidCertificateProfileBase { + // PKCS Certificate Template Name + certificateTemplateName?: string; + // PKCS Certification Authority + certificationAuthority?: string; + // PKCS Certification Authority Name + certificationAuthorityName?: string; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidScepCertificateProfile extends AndroidCertificateProfileBase { + // SCEP Hash Algorithm. Possible values are: sha1, sha2. + hashAlgorithm?: HashAlgorithms; + // SCEP Key Size. Possible values are: size1024, size2048, size4096. + keySize?: KeySize; + // SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. + keyUsage?: KeyUsages; + // SCEP Server Url(s) + scepServerUrls?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; /** - * The last time at which the object was synced with the on-premises directory. The Timestamp type represents date and - * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is - * 2014-01-01T00:00:00Z Read-only. Supports $filter (eq, ne, not, ge, le, in). + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US */ - onPremisesLastSyncDateTime?: NullableOption; + subjectNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidStoreApp extends MobileApp { + // The Identity Name. This property is read-only. + appIdentifier?: NullableOption; + // The Android app store URL. + appStoreUrl?: NullableOption; + // The value for the minimum applicable operating system. + minimumSupportedOperatingSystem?: NullableOption; + // The package identifier. This property is read-only. + packageId?: NullableOption; +} +export interface AndroidTrustedRootCertificate extends DeviceConfiguration { + // File name to display in UI. + certFileName?: NullableOption; + // Trusted Root Certificate + trustedRootCertificate?: string; +} +export interface AndroidVpnConfiguration extends DeviceConfiguration { + // Authentication method. Possible values are: certificate, usernameAndPassword, sharedSecret, derivedCredential, azureAD. + authenticationMethod?: VpnAuthenticationMethod; + // Connection name displayed to the user. + connectionName?: string; /** - * The on-premises security identifier (SID) for the user who was synchronized from on-premises to the cloud. Read-only. - * Returned only on $select. Supports $filter (eq). + * Connection type. Possible values are: ciscoAnyConnect, pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, + * checkPointCapsuleVpn, citrix, microsoftTunnel, netMotionMobility, microsoftProtect. */ - onPremisesSecurityIdentifier?: NullableOption; + connectionType?: AndroidVpnConnectionType; + // Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements. + customData?: NullableOption; + // Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements. + customKeyValueData?: NullableOption; /** - * true if this object is synced from an on-premises directory; false if this object was originally synced from an - * on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory - * (default). Read-only. Supports $filter (eq, ne, not, in, and eq on null values). + * Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when + * connection type is Check Point Capsule VPN. */ - onPremisesSyncEnabled?: NullableOption; + fingerprint?: NullableOption; + // Realm when connection type is set to Pulse Secure. + realm?: NullableOption; + // Role when connection type is set to Pulse Secure. + role?: NullableOption; /** - * The type of operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null - * values). + * List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain + * a maximum of 500 elements. */ - operatingSystem?: NullableOption; + servers?: VpnServer[]; + // Identity certificate for client authentication when authentication method is certificate. + identityCertificate?: NullableOption; +} +export interface AndroidWiFiConfiguration extends DeviceConfiguration { /** - * Operating system version of the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null - * values). + * Connect automatically when this network is in range. Setting this to true will skip the user prompt and automatically + * connect the device to Wi-Fi network. */ - operatingSystemVersion?: NullableOption; - // For internal use only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, /$count eq 0, /$count ne 0. - physicalIds?: string[]; - // The profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. - profileType?: NullableOption; + connectAutomatically?: boolean; /** - * Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 - * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + * When set to true, this profile forces the device to connect to a network that doesn't broadcast its SSID to all + * devices. */ - registrationDateTime?: NullableOption; - // List of labels applied to the device by the system. Supports $filter (/$count eq 0, /$count ne 0). - systemLabels?: string[]; + connectWhenNetworkNameIsHidden?: boolean; + // Network Name + networkName?: string; + // This is the name of the Wi-Fi network that is broadcast to all devices. + ssid?: string; /** - * Type of trust for the joined device. Read-only. Possible values: Workplace (indicates bring your own personal devices), - * AzureAd (Cloud only joined devices), ServerAd (on-premises domain joined devices joined to Microsoft Entra ID). For - * more details, see Introduction to device management in Microsoft Entra ID. + * Indicates whether Wi-Fi endpoint uses an EAP based security type. Possible values are: open, wpaEnterprise, + * wpa2Enterprise. */ - trustType?: NullableOption; - // Form factor of the device. Only returned if the user signs in with a Microsoft account as part of Project Rome. - kind?: NullableOption; - // Manufacturer of the device. Only returned if the user signs in with a Microsoft account as part of Project Rome. - manufacturer?: NullableOption; - // Model of the device. Only returned if the user signs in with a Microsoft account as part of Project Rome. - model?: NullableOption; - // Friendly name of the device. Only returned if user signs in with a Microsoft account as part of Project Rome. - name?: NullableOption; - // Platform of device. Only returned if the user signs in with a Microsoft account as part of Project Rome. - platform?: NullableOption; - // Device is online or offline. Only returned if user signs in with a Microsoft account as part of Project Rome. - status?: NullableOption; - // Represents the usage rights a device has been granted. - usageRights?: NullableOption; - // Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. - memberOf?: NullableOption; + wiFiSecurityType?: AndroidWiFiSecurityType; +} +export interface AndroidWorkProfileCertificateProfileBase extends DeviceConfiguration { + // Scale for the Certificate Validity Period. Possible values are: days, months, years. + certificateValidityPeriodScale?: CertificateValidityPeriodScale; + // Value for the Certificate Validity Period. + certificateValidityPeriodValue?: number; + // Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements. + extendedKeyUsages?: ExtendedKeyUsage[]; + // Certificate renewal threshold percentage. Valid values 1 to 99 + renewalThresholdPercentage?: number; /** - * The user that cloud joined the device or registered their personal device. The registered owner is set at the time of - * registration. Read-only. Nullable. Supports $expand. + * Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, + * customAzureADAttribute, domainNameService, universalResourceIdentifier. */ - registeredOwners?: NullableOption; + subjectAlternativeNameType?: NullableOption; /** - * Collection of registered users of the device. For cloud joined devices and registered personal devices, registered - * users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports - * $expand. + * Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, + * commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, + * commonNameAsDurableDeviceId. */ - registeredUsers?: NullableOption; - // Groups and administrative units that this device is a member of. This operation is transitive. Supports $expand. - transitiveMemberOf?: NullableOption; - // The collection of open extensions defined for the device. Read-only. Nullable. - extensions?: NullableOption; - // Set of commands sent to this device. - commands?: NullableOption; -} -export interface OnlineMeetingBase extends Entity { - allowAttendeeToEnableCamera?: NullableOption; - allowAttendeeToEnableMic?: NullableOption; - allowedPresenters?: NullableOption; - allowMeetingChat?: NullableOption; - allowParticipantsToChangeName?: NullableOption; - allowRecording?: NullableOption; - allowTeamworkReactions?: NullableOption; - allowTranscription?: NullableOption; - anonymizeIdentityForRoles?: NullableOption; - audioConferencing?: NullableOption; - chatInfo?: NullableOption; - chatRestrictions?: NullableOption; - isEndToEndEncryptionEnabled?: NullableOption; - isEntryExitAnnounced?: NullableOption; - joinInformation?: NullableOption; - joinMeetingIdSettings?: NullableOption; - joinWebUrl?: NullableOption; - lobbyBypassSettings?: NullableOption; - recordAutomatically?: NullableOption; - shareMeetingChatHistoryDefault?: NullableOption; - subject?: NullableOption; - videoTeleconferenceId?: NullableOption; - watermarkProtection?: NullableOption; - attendanceReports?: NullableOption; + subjectNameFormat?: SubjectNameFormat; + // Trusted Root Certificate. + rootCertificate?: NullableOption; } -export interface OnlineMeeting extends OnlineMeetingBase { - alternativeRecording?: NullableOption; - attendeeReport?: NullableOption; - broadcastRecording?: NullableOption; - broadcastSettings?: NullableOption; - capabilities?: NullableOption; - // The meeting creation time in UTC. Read-only. - creationDateTime?: NullableOption; - // The meeting end time in UTC. - endDateTime?: NullableOption; - // The external ID. A custom ID. Optional. - externalId?: NullableOption; - isBroadcast?: NullableOption; - joinUrl?: NullableOption; - // The participants associated with the online meeting. This includes the organizer and the attendees. - participants?: NullableOption; - recording?: NullableOption; - // The meeting start time in UTC. - startDateTime?: NullableOption; - meetingAttendanceReport?: NullableOption; +export interface AndroidWorkProfileCompliancePolicy extends DeviceCompliancePolicy { /** - * The registration that has been enabled for an online meeting. One online meeting can only have one registration - * enabled. + * MDATP Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, + * secured, low, medium, high, notSet. */ - registration?: NullableOption; - // The recordings of an online meeting. Read-only. - recordings?: NullableOption; - // The transcripts of an online meeting. Read-only. - transcripts?: NullableOption; -} -export interface Presence extends Entity { + advancedThreatProtectionRequiredSecurityLevel?: DeviceThreatProtectionLevel; + // Require that devices have enabled device threat protection. + deviceThreatProtectionEnabled?: boolean; /** - * The supplemental information to a user's availability. Possible values are Available, Away, BeRightBack, Busy, - * DoNotDisturb, InACall, InAConferenceCall, Inactive, InAMeeting, Offline, OffWork, OutOfOffice, PresenceUnknown, - * Presenting, UrgentInterruptionsOnly. + * Require Mobile Threat Protection minimum risk level to report noncompliance. Possible values are: unavailable, secured, + * low, medium, high, notSet. */ - activity?: NullableOption; + deviceThreatProtectionRequiredSecurityLevel?: DeviceThreatProtectionLevel; + // Minimum Android security patch level. + minAndroidSecurityPatchLevel?: NullableOption; + // Maximum Android version. + osMaximumVersion?: NullableOption; + // Minimum Android version. + osMinimumVersion?: NullableOption; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum password length. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before a password is required. + passwordMinutesOfInactivityBeforeLock?: NullableOption; + // Number of previous passwords to block. Valid values 1 to 24 + passwordPreviousPasswordBlockCount?: NullableOption; + // Require a password to unlock device. + passwordRequired?: boolean; /** - * The base presence information for a user. Possible values are Available, AvailableIdle, Away, BeRightBack, Busy, - * BusyIdle, DoNotDisturb, Offline, PresenceUnknown. + * Type of characters in password. Possible values are: deviceDefault, alphabetic, alphanumeric, alphanumericWithSymbols, + * lowSecurityBiometric, numeric, numericComplex, any. */ - availability?: NullableOption; - // The out of office settings for a user. - outOfOfficeSettings?: NullableOption; - // The presence status message of a user. - statusMessage?: NullableOption; -} -export interface UserVirtualEventsRoot extends Entity { - webinars?: NullableOption; -} -export interface Authentication extends Entity { - // The settings and preferences for to the sign-in experience of a user. - signInPreferences?: NullableOption; - // Represents the email addresses registered to a user for authentication. - emailMethods?: NullableOption; - // Represents the FIDO2 security keys registered to a user for authentication. - fido2Methods?: NullableOption; - // Represents all authentication methods registered to a user. - methods?: NullableOption; - // The details of the Microsoft Authenticator app registered to a user for authentication. - microsoftAuthenticatorMethods?: NullableOption; - operations?: NullableOption; - // Represents the Microsoft Authenticator Passwordless Phone Sign-in methods registered to a user for authentication. - passwordlessMicrosoftAuthenticatorMethods?: NullableOption; - // Represents the details of the password authentication method registered to a user for authentication. - passwordMethods?: NullableOption; - // Represents the phone registered to a user for authentication. - phoneMethods?: NullableOption; - platformCredentialMethods?: NullableOption; - softwareOathMethods?: NullableOption; - // Represents a Temporary Access Pass registered to a user for authentication through time-limited passcodes. - temporaryAccessPassMethods?: NullableOption; - // Represents the Windows Hello for Business authentication method registered to a user for authentication. - windowsHelloForBusinessMethods?: NullableOption; -} -export interface Chat extends Entity { - // Specifies the type of chat. Possible values are: group, oneOnOne, meeting, unknownFutureValue. - chatType?: ChatType; - // Date and time at which the chat was created. Read-only. - createdDateTime?: NullableOption; - // Date and time at which the chat was renamed or list of members were last changed. Read-only. - lastUpdatedDateTime?: NullableOption; + passwordRequiredType?: AndroidRequiredPasswordType; + // Number of sign-in failures allowed before factory reset. Valid values 1 to 16 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; + /** + * Indicates the required device password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android API 12+. Possible values are: none, low, medium, high. + */ + requiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Devices must not be jailbroken or rooted. + securityBlockJailbrokenDevices?: boolean; + // Disable USB debugging on Android devices. + securityDisableUsbDebugging?: boolean; + // Require that devices disallow installation of apps from unknown sources. + securityPreventInstallAppsFromUnknownSources?: boolean; + // Require the device to pass the Company Portal client app runtime integrity check. + securityRequireCompanyPortalAppIntegrity?: boolean; + // Require a specific SafetyNet evaluation type for compliance. Possible values are: basic, hardwareBacked. + securityRequiredAndroidSafetyNetEvaluationType?: AndroidSafetyNetEvaluationType; + // Require Google Play Services to be installed and enabled on the device. + securityRequireGooglePlayServices?: boolean; + // Require the device to pass the Play Integrity basic integrity check. + securityRequireSafetyNetAttestationBasicIntegrity?: boolean; + // Require the device to pass the Play Integrity device integrity check. + securityRequireSafetyNetAttestationCertifiedDevice?: boolean; /** - * Represents details about an online meeting. If the chat isn't associated with an online meeting, the property is empty. - * Read-only. + * Require the device to have up to date security providers. The device will require Google Play Services to be enabled + * and up to date. */ - onlineMeetingInfo?: NullableOption; - // The identifier of the tenant in which the chat was created. Read-only. - tenantId?: NullableOption; - // (Optional) Subject or topic for the chat. Only available for group chats. - topic?: NullableOption; + securityRequireUpToDateSecurityProviders?: boolean; + // Require the Android Verify apps feature is turned on. + securityRequireVerifyApps?: boolean; + // Require encryption on Android devices. + storageRequireEncryption?: boolean; + // Minutes of inactivity before the screen times out. + workProfileInactiveBeforeScreenLockInMinutes?: NullableOption; + // Number of days before the work profile password expires. Valid values 1 to 365 + workProfilePasswordExpirationInDays?: NullableOption; + // Minimum length of work profile password. Valid values 4 to 16 + workProfilePasswordMinimumLength?: NullableOption; /** - * Represents caller-specific information about the chat, such as last message read date and time. This property is - * populated only when the request is made in a delegated context. + * Type of work profile password that is required. Possible values are: deviceDefault, lowSecurityBiometric, required, + * atLeastNumeric, numericComplex, atLeastAlphabetic, atLeastAlphanumeric, alphanumericWithSymbols. */ - viewpoint?: NullableOption; - // The URL for the chat in Microsoft Teams. The URL should be treated as an opaque blob, and not parsed. Read-only. - webUrl?: NullableOption; - // A collection of all the apps in the chat. Nullable. - installedApps?: NullableOption; + workProfilePasswordRequiredType?: AndroidWorkProfileRequiredPasswordType; + // Number of previous work profile passwords to block. Valid values 0 to 24 + workProfilePreviousPasswordBlockCount?: NullableOption; /** - * Preview of the last message sent in the chat. Null if no messages have been sent in the chat. Currently, only the list - * chats operation supports this property. + * Indicates the required work profile password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android 12+. Possible values are: none, low, medium, high. */ - lastMessagePreview?: NullableOption; - // A collection of all the members in the chat. Nullable. - members?: NullableOption; - // A collection of all the messages in the chat. Nullable. - messages?: NullableOption; - // A collection of all the Teams async operations that ran or are running on the chat. Nullable. - operations?: NullableOption; - // A collection of permissions granted to apps for the chat. - permissionGrants?: NullableOption; - // A collection of all the pinned messages in the chat. Nullable. - pinnedMessages?: NullableOption; - // A collection of all the tabs in the chat. Nullable. - tabs?: NullableOption; -} -export interface UserTeamwork extends Entity { - // The list of associatedTeamInfo objects that a user is associated with. - associatedTeams?: NullableOption; - // The apps installed in the personal scope of this user. - installedApps?: NullableOption; -} -export interface Todo extends Entity { - // The task lists in the users mailbox. - lists?: NullableOption; -} -export interface EmployeeExperienceUser extends Entity { - learningCourseActivities?: NullableOption; -} -export interface ActiveUsersBreakdownMetric extends Entity { - appId?: string; - appName?: string; - count?: number; - factDate?: string; - os?: string; + workProfileRequiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Password is required or not for work profile + workProfileRequirePassword?: boolean; } -export interface ActiveUsersMetric extends Entity { - count?: number; - factDate?: string; +export interface AndroidWorkProfileCustomConfiguration extends DeviceConfiguration { + // OMA settings. This collection can contain a maximum of 500 elements. + omaSettings?: NullableOption; } -export interface AppCredentialSignInActivity extends Entity { - // The globally unique appId (also called client ID on the Microsoft Entra admin center) of the credential application. - appId?: string; - // The ID of the credential application instance. - appObjectId?: NullableOption; +export interface AndroidWorkProfileEasEmailProfileBase extends DeviceConfiguration { /** - * The date and time when the credential was created. The Timestamp type represents date and time information using ISO - * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Authentication method for Exchange ActiveSync. Possible values are: usernameAndPassword, certificate, + * derivedCredential. */ - createdDateTime?: NullableOption; - // The type the key credential originated from. Possible values are: application, servicePrincipal, unknownFutureValue. - credentialOrigin?: ApplicationKeyOrigin; + authenticationMethod?: EasAuthenticationMethod; /** - * The date and time when the credential is set to expire. The Timestamp type represents date and time information using - * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Duration of time email should be synced to. Possible values are: userDefined, oneDay, threeDays, oneWeek, twoWeeks, + * oneMonth, unlimited. */ - expirationDateTime?: NullableOption; - // The key ID of the credential. - keyId?: string; - // Specifies the key type. The possible values are: clientSecret, certificate, unknownFutureValue. - keyType?: NullableOption; - // Specifies what the key was used for. The possible values are: sign, verify, unknownFutureValue. - keyUsage?: NullableOption; - // The ID of the accessed resource. - resourceId?: NullableOption; - // The ID of the service principal. - servicePrincipalObjectId?: NullableOption; - // The sign-in activity of the credential across all flows. - signInActivity?: SignInActivity; -} -export interface ApplicationSignInDetailedSummary extends Entity { + durationOfEmailToSync?: EmailSyncDuration; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Email attribute that is picked from AAD and injected into this profile before installing on the device. Possible values + * are: userPrincipalName, primarySmtpAddress. */ - aggregatedEventDateTime?: NullableOption; - // Name of the application that the user signed in to. - appDisplayName?: string; - // ID of the application that the user signed in to. - appId?: string; - // Count of sign-ins made by the application. - signInCount?: NullableOption; - // Details of the sign-in status. - status?: NullableOption; -} -export interface ApplicationSignInSummary extends Entity { - // Name of the application that the user signed into. - appDisplayName?: string; - // Count of failed sign-ins made by the application. - failedSignInCount?: NullableOption; - // Count of successful sign-ins made by the application. - successfulSignInCount?: NullableOption; - // Percentage of successful sign-ins made by the application. - successPercentage?: NullableOption; -} -export interface AuditLogRoot { - // Represents a custom security attribute audit log. - customSecurityAttributeAudits?: NullableOption; - directoryAudits?: NullableOption; - directoryProvisioning?: NullableOption; - // Represents an action performed by the Microsoft Entra provisioning service and its associated properties. - provisioning?: NullableOption; - signIns?: NullableOption; -} -export interface CustomSecurityAttributeAudit extends Entity { - activityDateTime?: string; - activityDisplayName?: string; - additionalDetails?: NullableOption; - category?: string; - correlationId?: NullableOption; - initiatedBy?: AuditActivityInitiator; - loggedByService?: NullableOption; - operationType?: NullableOption; - result?: NullableOption; - resultReason?: NullableOption; - targetResources?: NullableOption; - userAgent?: NullableOption; + emailAddressSource?: UserEmailSource; + // Exchange location (URL) that the mail app connects to. + hostName?: string; + // Indicates whether or not to use SSL. + requireSsl?: boolean; + /** + * Username attribute that is picked from AAD and injected into this profile before installing on the device. Possible + * values are: username, userPrincipalName, samAccountName, primarySmtpAddress. + */ + usernameSource?: AndroidUsernameSource; + // Identity certificate. + identityCertificate?: NullableOption; } -export interface DirectoryAudit extends Entity { +export interface AndroidWorkProfileEnterpriseWiFiConfiguration extends AndroidWorkProfileWiFiConfiguration { /** - * Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight - * UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ge, le) and $orderby. + * Indicates the Authentication Method the client (device) needs to use when the EAP Type is configured to PEAP or + * EAP-TTLS. Possible values are: certificate, usernameAndPassword, derivedCredential. */ - activityDateTime?: string; + authenticationMethod?: NullableOption; + // Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, eapTtls, peap. + eapType?: AndroidEapType; /** - * Indicates the activity name or the operation name (for example 'Create User', 'Add member to group'). For a list of - * activities logged, refer to Microsoft Entra audit log categories and activities. Supports $filter (eq, startswith). + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is EAP-TTLS and Authenticationmethod is Username and + * Password. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, + * microsoftChapVersionTwo. */ - activityDisplayName?: string; - // Indicates more details on the activity. - additionalDetails?: NullableOption; + innerAuthenticationProtocolForEapTtls?: NullableOption; /** - * Indicates which resource category that's targeted by the activity. For example: UserManagement, GroupManagement, - * ApplicationManagement, RoleManagement. For a list of categories for activities logged, refer to Microsoft Entra audit - * log categories and activities. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is PEAP and Authenticationmethod is Username and + * Password. Possible values are: none, microsoftChapVersionTwo. */ - category?: string; + innerAuthenticationProtocolForPeap?: NullableOption; /** - * Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs - * across services. Supports $filter (eq). + * Enable identity privacy (Outer Identity) when EAP Type is configured to EAP-TTLS or PEAP. The String provided here is + * used to mask the username of individual users when they attempt to connect to Wi-Fi network. */ - correlationId?: NullableOption; + outerIdentityPrivacyTemporaryValue?: NullableOption; /** - * Indicates information about the user or app initiated the activity. Supports $filter (eq) for user/id, - * user/displayName, user/userPrincipalName, app/appId, app/displayName; and $filter (startswith) for - * user/userPrincipalName. + * URL of the proxy server automatic configuration script when automatic configuration is selected. This URL is typically + * the location of PAC (Proxy Auto Configuration) file. */ - initiatedBy?: AuditActivityInitiator; + proxyAutomaticConfigurationUrl?: NullableOption; + // Proxy Type for this Wi-Fi connection. Possible values are: none, manual, automatic, unknownFutureValue. + proxySettings?: WiFiProxySetting; /** - * Indicates information on which service initiated the activity (For example: Self-service Password Management, Core - * Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. Supports $filter (eq). + * Trusted server certificate names when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP. This is the common name used + * in the certificates issued by your trusted certificate authority (CA). If you provide this information, you can bypass + * the dynamic trust dialog that is displayed on end users' devices when they connect to this Wi-Fi network. */ - loggedByService?: NullableOption; + trustedServerCertificateNames?: NullableOption; /** - * Indicates the type of operation that was performed. The possible values include but aren't limited to the following: - * Add, Assign, Update, Unassign, and Delete. + * Identity Certificate for client authentication when EAP Type is configured to EAP-TLS, EAP-TTLS (with Certificate + * Authentication), or PEAP (with Certificate Authentication). This is the certificate presented by client to the Wi-Fi + * endpoint. The authentication server sitting behind the Wi-Fi endpoint must accept this certificate to successfully + * establish a Wi-Fi connection. */ - operationType?: NullableOption; - // Indicates the result of the activity. Possible values are: success, failure, timeout, unknownFutureValue. - result?: NullableOption; - // Indicates the reason for failure if the result is failure or timeout. - resultReason?: NullableOption; + identityCertificateForClientAuthentication?: NullableOption; /** - * Information about the resource that changed due to the activity. Supports $filter (eq) for id and displayName; and - * $filter (startswith) for displayName. + * Trusted Root Certificate for Server Validation when EAP Type is configured to EAP-TLS, EAP-TTLS or PEAP. This is the + * certificate presented by the Wi-Fi endpoint when the device attempts to connect to Wi-Fi endpoint. The device (or user) + * must accept this certificate to continue the connection attempt. */ - targetResources?: NullableOption; - // Type of user agent used by a user in the activity. - userAgent?: NullableOption; + rootCertificateForServerValidation?: NullableOption; } -export interface ProvisioningObjectSummary extends Entity { - action?: NullableOption; +export interface AndroidWorkProfileGeneralDeviceConfiguration extends DeviceConfiguration { + // Determine domains allow-list for accounts that can be added to work profile. + allowedGoogleAccountDomains?: NullableOption; + // Prevent using unified password for unlocking device and work profile. + blockUnifiedPasswordForWorkProfile?: boolean; + // Indicates whether or not to block face unlock. + passwordBlockFaceUnlock?: boolean; + // Indicates whether or not to block fingerprint unlock. + passwordBlockFingerprintUnlock?: boolean; + // Indicates whether or not to block iris unlock. + passwordBlockIrisUnlock?: boolean; + // Indicates whether or not to block Smart Lock and other trust agents. + passwordBlockTrustAgents?: boolean; + // Number of days before the password expires. Valid values 1 to 365 + passwordExpirationDays?: NullableOption; + // Minimum length of passwords. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before the screen times out. + passwordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; + // Number of previous passwords to block. Valid values 0 to 24 + passwordPreviousPasswordBlockCount?: NullableOption; /** - * Represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan - * 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, gt, lt) and orderby. + * Type of password that is required. Possible values are: deviceDefault, lowSecurityBiometric, required, atLeastNumeric, + * numericComplex, atLeastAlphabetic, atLeastAlphanumeric, alphanumericWithSymbols. */ - activityDateTime?: string; - // Unique ID of this change in this cycle. Supports $filter (eq, contains). - changeId?: NullableOption; - // Unique ID per job iteration. Supports $filter (eq, contains). - cycleId?: NullableOption; - // Indicates how long this provisioning action took to finish. Measured in milliseconds. Supports $filter (eq, gt, lt). - durationInMilliseconds?: NullableOption; - // Details of who initiated this provisioning. Supports $filter (eq, contains). - initiatedBy?: NullableOption; - // The unique ID for the whole provisioning job. Supports $filter (eq, contains). - jobId?: NullableOption; - // Details of each property that was modified in this provisioning action on this object. - modifiedProperties?: NullableOption; + passwordRequiredType?: AndroidWorkProfileRequiredPasswordType; + // Number of sign in failures allowed before factory reset. Valid values 1 to 16 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; /** - * Indicates the activity name or the operation name. Possible values are: create, update, delete, stageddelete, disable, - * other and unknownFutureValue. For a list of activities logged, refer to Microsoft Entra activity list. Supports $filter - * (eq, contains). + * Indicates the required device password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android 12+. Possible values are: none, low, medium, high. */ - provisioningAction?: NullableOption; - // Details of provisioning status. Supports $filter (eq, contains) for status. - provisioningStatusInfo?: NullableOption; - // Details of each step in provisioning. - provisioningSteps?: NullableOption; - // Represents the service principal used for provisioning. Supports $filter (eq) for id and name. - servicePrincipal?: NullableOption; - // Details of source object being provisioned. Supports $filter (eq, contains) for identityType, id, and displayName. - sourceIdentity?: NullableOption; - // Details of source system of the object being provisioned. Supports $filter (eq, contains) for displayName. - sourceSystem?: NullableOption; - statusInfo?: NullableOption; - // Details of target object being provisioned. Supports $filter (eq, contains) for identityType, id, and displayName. - targetIdentity?: NullableOption; - // Details of target system of the object being provisioned. Supports $filter (eq, contains) for displayName. - targetSystem?: NullableOption; - // Unique Microsoft Entra tenant ID. Supports $filter (eq, contains). - tenantId?: NullableOption; -} -export interface SignIn extends Entity { - // The application name displayed in the Microsoft Entra admin center. Supports $filter (eq, startsWith). - appDisplayName?: NullableOption; - // The application identifier in Microsoft Entra ID. Supports $filter (eq). - appId?: NullableOption; + requiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Require the Android Verify apps feature is turned on. + securityRequireVerifyApps?: boolean; + // Enable lockdown mode for always-on VPN. + vpnAlwaysOnPackageIdentifier?: NullableOption; + // Enable lockdown mode for always-on VPN. + vpnEnableAlwaysOnLockdownMode?: boolean; /** - * A list of conditional access policies that are triggered by the corresponding sign-in activity. Apps need additional - * Conditional Access-related privileges to read the details of this property. For more information, see Viewing applied - * conditional access (CA) policies in sign-ins. + * Control user's ability to add accounts in work profile including Google accounts. Possible values are: + * allowAllExceptGoogleAccounts, blockAll, allowAll, unknownFutureValue. */ - appliedConditionalAccessPolicies?: NullableOption; + workProfileAccountUse?: AndroidWorkProfileAccountUse; + // Indicates whether to allow installation of apps from unknown sources. + workProfileAllowAppInstallsFromUnknownSources?: boolean; + // Allow widgets from work profile apps. + workProfileAllowWidgets?: boolean; + // Block users from adding/removing accounts in work profile. + workProfileBlockAddingAccounts?: boolean; + // Block work profile camera. + workProfileBlockCamera?: boolean; + // Block display work profile caller ID in personal profile. + workProfileBlockCrossProfileCallerId?: boolean; + // Block work profile contacts availability in personal profile. + workProfileBlockCrossProfileContactsSearch?: boolean; + // Boolean that indicates if the setting disallow cross profile copy/paste is enabled. + workProfileBlockCrossProfileCopyPaste?: boolean; + // Indicates whether or not to block notifications while device locked. + workProfileBlockNotificationsWhileDeviceLocked?: boolean; + // Prevent app installations from unknown sources in the personal profile. + workProfileBlockPersonalAppInstallsFromUnknownSources?: boolean; + // Block screen capture in work profile. + workProfileBlockScreenCapture?: boolean; + // Allow bluetooth devices to access enterprise contacts. + workProfileBluetoothEnableContactSharing?: boolean; /** - * Detailed information about the listeners, such as Azure Logic Apps and Azure Functions, which were triggered by the - * corresponding events in the sign-in event. + * Type of data sharing that is allowed. Possible values are: deviceDefault, preventAny, allowPersonalToWork, + * noRestrictions. */ - appliedEventListeners?: NullableOption; - appTokenProtectionStatus?: NullableOption; - // Provides details about the app and device used during a Microsoft Entra authentication step. - authenticationAppDeviceDetails?: NullableOption; + workProfileDataSharingType?: AndroidWorkProfileCrossProfileDataSharingType; + // Type of password that is required. Possible values are: deviceDefault, prompt, autoGrant, autoDeny. + workProfileDefaultAppPermissionPolicy?: AndroidWorkProfileDefaultAppPermissionPolicyType; + // Indicates whether or not to block face unlock for work profile. + workProfilePasswordBlockFaceUnlock?: boolean; + // Indicates whether or not to block fingerprint unlock for work profile. + workProfilePasswordBlockFingerprintUnlock?: boolean; + // Indicates whether or not to block iris unlock for work profile. + workProfilePasswordBlockIrisUnlock?: boolean; + // Indicates whether or not to block Smart Lock and other trust agents for work profile. + workProfilePasswordBlockTrustAgents?: boolean; + // Number of days before the work profile password expires. Valid values 1 to 365 + workProfilePasswordExpirationDays?: NullableOption; + // Minimum length of work profile password. Valid values 4 to 16 + workProfilePasswordMinimumLength?: NullableOption; + // Minimum # of letter characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinLetterCharacters?: NullableOption; + // Minimum # of lower-case characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinLowerCaseCharacters?: NullableOption; + // Minimum # of non-letter characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinNonLetterCharacters?: NullableOption; + // Minimum # of numeric characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinNumericCharacters?: NullableOption; + // Minimum # of symbols required in work profile password. Valid values 1 to 10 + workProfilePasswordMinSymbolCharacters?: NullableOption; + // Minimum # of upper-case characters required in work profile password. Valid values 1 to 10 + workProfilePasswordMinUpperCaseCharacters?: NullableOption; + // Minutes of inactivity before the screen times out. + workProfilePasswordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; + // Number of previous work profile passwords to block. Valid values 0 to 24 + workProfilePasswordPreviousPasswordBlockCount?: NullableOption; /** - * Provides details of the Microsoft Entra policies applied to a user and client authentication app during an - * authentication step. + * Type of work profile password that is required. Possible values are: deviceDefault, lowSecurityBiometric, required, + * atLeastNumeric, numericComplex, atLeastAlphabetic, atLeastAlphanumeric, alphanumericWithSymbols. */ - authenticationAppPolicyEvaluationDetails?: NullableOption; - // Contains a collection of values that represent the conditional access authentication contexts applied to the sign-in. - authenticationContextClassReferences?: NullableOption; - // The result of the authentication attempt and more details on the authentication method. - authenticationDetails?: NullableOption; + workProfilePasswordRequiredType?: AndroidWorkProfileRequiredPasswordType; + // Number of sign in failures allowed before work profile is removed and all corporate data deleted. Valid values 1 to 16 + workProfilePasswordSignInFailureCountBeforeFactoryReset?: NullableOption; /** - * The authentication methods used. Possible values: SMS, Authenticator App, App Verification code, Password, FIDO, PTA, - * or PHS. + * Indicates the required work profile password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH. This is a new API + * targeted to Android 12+. Possible values are: none, low, medium, high. */ - authenticationMethodsUsed?: NullableOption; + workProfileRequiredPasswordComplexity?: AndroidRequiredPasswordComplexity; + // Password is required or not for work profile + workProfileRequirePassword?: boolean; +} +// tslint:disable-next-line: no-empty-interface +export interface AndroidWorkProfileGmailEasConfiguration extends AndroidWorkProfileEasEmailProfileBase {} +export interface AndroidWorkProfileNineWorkEasConfiguration extends AndroidWorkProfileEasEmailProfileBase { + // Toggles syncing the calendar. If set to false the calendar is turned off on the device. + syncCalendar?: boolean; + // Toggles syncing contacts. If set to false contacts are turned off on the device. + syncContacts?: boolean; + // Toggles syncing tasks. If set to false tasks are turned off on the device. + syncTasks?: boolean; +} +export interface AndroidWorkProfilePkcsCertificateProfile extends AndroidWorkProfileCertificateProfileBase { + // Target store certificate. Possible values are: user, machine. + certificateStore?: NullableOption; + // PKCS Certificate Template Name + certificateTemplateName?: string; + // PKCS Certification Authority + certificationAuthority?: string; + // PKCS Certification Authority Name + certificationAuthorityName?: string; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; /** - * More authentication processing details, such as the agent name for PTA and PHS, or a server or farm name for federated - * authentication. + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US */ - authenticationProcessingDetails?: NullableOption; + subjectNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidWorkProfileScepCertificateProfile extends AndroidWorkProfileCertificateProfileBase { + // Target store certificate. Possible values are: user, machine. + certificateStore?: NullableOption; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // SCEP Hash Algorithm. Possible values are: sha1, sha2. + hashAlgorithm?: HashAlgorithms; + // SCEP Key Size. Possible values are: size1024, size2048, size4096. + keySize?: KeySize; + // SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. + keyUsage?: KeyUsages; + // SCEP Server Url(s) + scepServerUrls?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; /** - * Lists the protocol type or grant type used in the authentication. The possible values are: oAuth2, ropc, wsFederation, - * saml20, deviceCode, unknownFutureValue, authenticationTransfer, and none. Use none for all authentications that don't - * have a specific value in that list. + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US */ - authenticationProtocol?: NullableOption; + subjectNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AndroidWorkProfileTrustedRootCertificate extends DeviceConfiguration { + // File name to display in UI. + certFileName?: NullableOption; + // Trusted Root Certificate + trustedRootCertificate?: string; +} +export interface AndroidWorkProfileVpnConfiguration extends DeviceConfiguration { + // Whether or not to enable always-on VPN connection. + alwaysOn?: NullableOption; + // If always-on VPN connection is enabled, whether or not to lock network traffic when that VPN is disconnected. + alwaysOnLockdown?: NullableOption; + // Authentication method. Possible values are: certificate, usernameAndPassword, sharedSecret, derivedCredential, azureAD. + authenticationMethod?: VpnAuthenticationMethod; + // Connection name displayed to the user. + connectionName?: string; /** - * This holds the highest level of authentication needed through all the sign-in steps, for sign-in to succeed. Supports - * $filter (eq, startsWith). + * Connection type. Possible values are: ciscoAnyConnect, pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, + * checkPointCapsuleVpn, citrix, paloAltoGlobalProtect, microsoftTunnel, netMotionMobility, microsoftProtect. */ - authenticationRequirement?: NullableOption; + connectionType?: AndroidWorkProfileVpnConnectionType; + // Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements. + customData?: NullableOption; + // Custom data when connection type is set to Citrix. This collection can contain a maximum of 25 elements. + customKeyValueData?: NullableOption; /** - * Sources of authentication requirement, such as conditional access, per-user MFA, identity protection, and security - * defaults. + * Fingerprint is a string that will be used to verify the VPN server can be trusted, which is only applicable when + * connection type is Check Point Capsule VPN. */ - authenticationRequirementPolicies?: NullableOption; - // The Autonomous System Number (ASN) of the network used by the actor. - autonomousSystemNumber?: NullableOption; - // Contains a fully qualified Azure Resource Manager ID of an Azure resource accessed during the sign-in. - azureResourceId?: NullableOption; + fingerprint?: NullableOption; + // Microsoft Tunnel site ID. + microsoftTunnelSiteId?: NullableOption; + // List of hosts to exclude using the proxy on connections for. These hosts can use wildcards such as .example.com. + proxyExclusionList?: NullableOption; + // Proxy server. + proxyServer?: NullableOption; + // Realm when connection type is set to Pulse Secure. + realm?: NullableOption; + // Role when connection type is set to Pulse Secure. + role?: NullableOption; /** - * The legacy client used for sign-in activity. For example: Browser, Exchange ActiveSync, Modern clients, IMAP, MAPI, - * SMTP, or POP. Supports $filter (eq). + * List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain + * a maximum of 500 elements. */ - clientAppUsed?: NullableOption; + servers?: VpnServer[]; + // Targeted mobile apps. This collection can contain a maximum of 500 elements. + targetedMobileApps?: NullableOption; + // Targeted App package IDs. + targetedPackageIds?: NullableOption; + // Identity certificate for client authentication when authentication method is certificate. + identityCertificate?: NullableOption; +} +export interface AndroidWorkProfileWiFiConfiguration extends DeviceConfiguration { /** - * Describes the credential type that a user client or service principal provided to Microsoft Entra ID to authenticate - * itself. You can review this property to track and eliminate less secure credential types or to watch for clients and - * service principals using anomalous credential types. The possible values are: none, clientSecret, clientAssertion, - * federatedIdentityCredential, managedIdentity, certificate, unknownFutureValue. + * Connect automatically when this network is in range. Setting this to true will skip the user prompt and automatically + * connect the device to Wi-Fi network. */ - clientCredentialType?: NullableOption; + connectAutomatically?: boolean; /** - * The status of the conditional access policy triggered. Possible values: success, failure, notApplied, or - * unknownFutureValue. Supports $filter (eq). + * When set to true, this profile forces the device to connect to a network that doesn't broadcast its SSID to all + * devices. */ - conditionalAccessStatus?: NullableOption; + connectWhenNetworkNameIsHidden?: boolean; + // Network Name + networkName?: string; + // This is the name of the Wi-Fi network that is broadcast to all devices. + ssid?: string; /** - * The identifier that's sent from the client when sign-in is initiated. This is used for troubleshooting the - * corresponding sign-in activity when calling for support. Supports $filter (eq). + * Indicates whether Wi-Fi endpoint uses an EAP based security type. Possible values are: open, wpaEnterprise, + * wpa2Enterprise. */ - correlationId?: NullableOption; + wiFiSecurityType?: AndroidWiFiSecurityType; +} +export interface AnonymousGuestConversationMember extends ConversationMember { /** - * The date and time the sign-in was initiated. The Timestamp type is always in UTC time. For example, midnight UTC on Jan - * 1, 2014 is 2014-01-01T00:00:00Z. Supports $orderby, $filter (eq, le, and ge). + * Unique ID that represents the user. Note: This ID can change if the user leaves and rejoins the meeting, or joins from + * a different device. */ - createdDateTime?: string; + anonymousGuestId?: NullableOption; +} +export interface AospDeviceOwnerCertificateProfileBase extends DeviceConfiguration { + // Scale for the Certificate Validity Period. Possible values are: days, months, years. + certificateValidityPeriodScale?: CertificateValidityPeriodScale; + // Value for the Certificate Validity Period. + certificateValidityPeriodValue?: number; + // Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements. + extendedKeyUsages?: ExtendedKeyUsage[]; + // Certificate renewal threshold percentage. Valid values 1 to 99 + renewalThresholdPercentage?: number; /** - * Describes the type of cross-tenant access used by the actor to access the resource. Possible values are: none, - * b2bCollaboration, b2bDirectConnect, microsoftSupport, serviceProvider, unknownFutureValue, passthrough. Also, please - * note that you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this - * evolvable enum: passthrough. If the sign in didn't cross tenant boundaries, the value is none. + * Certificate Subject Alternative Name Type. This collection can contain a maximum of 500 elements. Possible values are: + * none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier. */ - crossTenantAccessType?: NullableOption; + subjectAlternativeNameType?: NullableOption; /** - * The device information from where the sign-in occurred. Includes information such as deviceId, OS, and browser. - * Supports $filter (eq, startsWith) on browser and operatingSystem properties. + * Certificate Subject Name Format. This collection can contain a maximum of 500 elements. Possible values are: + * commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, + * commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId. */ - deviceDetail?: NullableOption; + subjectNameFormat?: NullableOption; + // Trusted Root Certificate. + rootCertificate?: NullableOption; +} +export interface AospDeviceOwnerCompliancePolicy extends DeviceCompliancePolicy { + // Minimum Android security patch level. + minAndroidSecurityPatchLevel?: NullableOption; + // Maximum Android version. + osMaximumVersion?: NullableOption; + // Minimum Android version. + osMinimumVersion?: NullableOption; + // Minimum password length. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before a password is required. Valid values 1 to 8640 + passwordMinutesOfInactivityBeforeLock?: NullableOption; + // Require a password to unlock device. + passwordRequired?: NullableOption; /** - * Contains the identifier of an application's federated identity credential, if a federated identity credential was used - * to sign in. + * Type of characters in password. Possible values are: deviceDefault, required, numeric, numericComplex, alphabetic, + * alphanumeric, alphanumericWithSymbols, lowSecurityBiometric, customPassword. */ - federatedCredentialId?: NullableOption; + passwordRequiredType?: NullableOption; + // Devices must not be jailbroken or rooted. + securityBlockJailbrokenDevices?: NullableOption; + // Require encryption on Android devices. + storageRequireEncryption?: NullableOption; +} +export interface AospDeviceOwnerDeviceConfiguration extends DeviceConfiguration { /** - * During a failed sign-in, a user can select a button in the Azure portal to mark the failed event for tenant admins. If - * a user selects the button to flag the failed sign-in, this value is true. + * Indicates whether or not the user is allowed to enable unknown sources setting. When set to true, user is not allowed + * to enable unknown sources settings. */ - flaggedForReview?: NullableOption; + appsBlockInstallFromUnknownSources?: NullableOption; + // Indicates whether or not to block a user from configuring bluetooth. + bluetoothBlockConfiguration?: NullableOption; + // Indicates whether or not to disable the use of bluetooth. When set to true, bluetooth cannot be enabled on the device. + bluetoothBlocked?: NullableOption; + // Indicates whether or not to disable the use of the camera. + cameraBlocked?: NullableOption; + // Indicates whether or not the factory reset option in settings is disabled. + factoryResetBlocked?: NullableOption; + // Indicates the minimum length of the password required on the device. Valid values 4 to 16 + passwordMinimumLength?: NullableOption; + // Minutes of inactivity before the screen times out. + passwordMinutesOfInactivityBeforeScreenTimeout?: NullableOption; /** - * The tenant identifier of the user initiating the sign-in. Not applicable in Managed Identity or service principal sign - * ins. + * Indicates the minimum password quality required on the device. Possible values are: deviceDefault, required, numeric, + * numericComplex, alphabetic, alphanumeric, alphanumericWithSymbols, lowSecurityBiometric, customPassword. */ - homeTenantId?: NullableOption; + passwordRequiredType?: NullableOption; + // Indicates the number of times a user can enter an incorrect password before the device is wiped. Valid values 4 to 11 + passwordSignInFailureCountBeforeFactoryReset?: NullableOption; + // Indicates whether or not to disable the capability to take screenshots. + screenCaptureBlocked?: NullableOption; + // Indicates whether or not to block the user from enabling debugging features on the device. + securityAllowDebuggingFeatures?: NullableOption; + // Indicates whether or not to block external media. + storageBlockExternalMedia?: NullableOption; + // Indicates whether or not to block USB file transfer. + storageBlockUsbFileTransfer?: NullableOption; + // Indicates whether or not to block the user from editing the wifi connection settings. + wifiBlockEditConfigurations?: NullableOption; +} +export interface AospDeviceOwnerEnterpriseWiFiConfiguration extends AospDeviceOwnerWiFiConfiguration { /** - * For user sign ins, the identifier of the tenant that the user is a member of. Only populated in cases where the home - * tenant has provided affirmative consent to Microsoft Entra ID to show the tenant content. + * Indicates the Authentication Method the client (device) needs to use when the EAP Type is configured to PEAP or + * EAP-TTLS. Possible values are: certificate, usernameAndPassword, derivedCredential. */ - homeTenantName?: NullableOption; + authenticationMethod?: NullableOption; + // Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, eapTtls, peap. + eapType?: AndroidEapType; /** - * Indicates the token types that were presented to Microsoft Entra ID to authenticate the actor in the sign in. The - * possible values are: none, primaryRefreshToken, saml11, saml20, unknownFutureValue, remoteDesktopToken. NOTE Microsoft - * Entra ID might have also used token types not listed in this enum type to authenticate the actor. Don't infer the lack - * of a token if it isn't one of the types listed. Also, please note that you must use the Prefer: - * include-unknown-enum-members request header to get the following value(s) in this evolvable enum: remoteDesktopToken. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is EAP-TTLS and Authenticationmethod is Username and + * Password. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, + * microsoftChapVersionTwo. */ - incomingTokenType?: NullableOption; - // The IP address of the client from where the sign-in occurred. Supports $filter (eq, startsWith). - ipAddress?: NullableOption; + innerAuthenticationProtocolForEapTtls?: NullableOption; /** - * The IP address a user used to reach a resource provider, used to determine Conditional Access compliance for some - * policies. For example, when a user interacts with Exchange Online, the IP address that Microsoft Exchange receives from - * the user can be recorded here. This value is often null. + * Non-EAP Method for Authentication (Inner Identity) when EAP Type is PEAP and Authenticationmethod is Username and + * Password. This collection can contain a maximum of 500 elements. Possible values are: none, microsoftChapVersionTwo. */ - ipAddressFromResourceProvider?: NullableOption; + innerAuthenticationProtocolForPeap?: NullableOption; /** - * Indicates whether a user sign in is interactive. In interactive sign in, the user provides an authentication factor to - * Microsoft Entra ID. These factors include passwords, responses to MFA challenges, biometric factors, or QR codes that a - * user provides to Microsoft Entra ID or an associated app. In non-interactive sign in, the user doesn't provide an - * authentication factor. Instead, the client app uses a token or code to authenticate or access a resource on behalf of a - * user. Non-interactive sign ins are commonly used for a client to sign in on a user's behalf in a process transparent to - * the user. + * Enable identity privacy (Outer Identity) when EAP Type is configured to EAP-TTLS or PEAP. The String provided here is + * used to mask the username of individual users when they attempt to connect to Wi-Fi network. */ - isInteractive?: NullableOption; - // Shows whether the sign in event was subject to a Microsoft Entra tenant restriction policy. - isTenantRestricted?: NullableOption; + outerIdentityPrivacyTemporaryValue?: NullableOption; /** - * The city, state, and two letter country code from where the sign-in occurred. Supports $filter (eq, startsWith) on - * city, state, and countryOrRegion properties. + * Trusted server certificate names when EAP Type is configured to EAP-TLS/TTLS/FAST or PEAP. This is the common name used + * in the certificates issued by your trusted certificate authority (CA). If you provide this information, you can bypass + * the dynamic trust dialog that is displayed on end users' devices when they connect to this Wi-Fi network. */ - location?: NullableOption; + trustedServerCertificateNames?: NullableOption; /** - * Contains information about the managed identity used for the sign in, including its type, associated Azure Resource - * Manager (ARM) resource ID, and federated token information. + * Identity Certificate for client authentication when EAP Type is configured to EAP-TLS, EAP-TTLS (with Certificate + * Authentication), or PEAP (with Certificate Authentication). This is the certificate presented by client to the Wi-Fi + * endpoint. The authentication server sitting behind the Wi-Fi endpoint must accept this certificate to successfully + * establish a Wi-Fi connection. */ - managedServiceIdentity?: NullableOption; - mfaDetail?: NullableOption; - // The network location details including the type of network used and its names. - networkLocationDetails?: NullableOption; - // The request identifier of the first request in the authentication sequence. Supports $filter (eq). - originalRequestId?: NullableOption; + identityCertificateForClientAuthentication?: NullableOption; /** - * Transfer method used to initiate a session throughout all subsequent request. The possible values are: none, - * deviceCodeFlow, authenticationTransfer, unknownFutureValue. + * Trusted Root Certificate for Server Validation when EAP Type is configured to EAP-TLS, EAP-TTLS or PEAP. This is the + * certificate presented by the Wi-Fi endpoint when the device attempts to connect to Wi-Fi endpoint. The device (or user) + * must accept this certificate to continue the connection attempt. */ - originalTransferMethod?: NullableOption; - // Contains information about the Microsoft Entra Private Link policy that is associated with the sign in event. - privateLinkDetails?: NullableOption; - // The request processing time in milliseconds in AD STS. - processingTimeInMilliseconds?: NullableOption; - // The name of the resource that the user signed in to. Supports $filter (eq). - resourceDisplayName?: NullableOption; - // The identifier of the resource that the user signed in to. Supports $filter (eq). - resourceId?: NullableOption; - // The identifier of the service principal representing the target resource in the sign-in event. - resourceServicePrincipalId?: NullableOption; - // The tenant identifier of the resource referenced in the sign in. - resourceTenantId?: NullableOption; + rootCertificateForServerValidation?: NullableOption; +} +export interface AospDeviceOwnerPkcsCertificateProfile extends AospDeviceOwnerCertificateProfileBase { + // Target store certificate. Possible values are: user, machine. + certificateStore?: CertificateStore; + // PKCS Certificate Template Name + certificateTemplateName?: string; + // PKCS Certification Authority + certificationAuthority?: string; + // PKCS Certification Authority Name + certificationAuthorityName?: NullableOption; + // Certification authority type. Possible values are: notConfigured, microsoft, digiCert. + certificationAuthorityType?: DeviceManagementCertificationAuthority; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; /** - * The reason behind a specific state of a risky user, sign-in, or a risk event. Possible values: none, - * adminGeneratedTemporaryPassword, userPerformedSecuredPasswordChange, userPerformedSecuredPasswordReset, - * adminConfirmedSigninSafe, aiConfirmedSigninSafe, userPassedMFADrivenByRiskBasedPolicy, adminDismissedAllRiskForUser, - * adminConfirmedSigninCompromised, or unknownFutureValue. The value none means that Microsoft Entra risk detection has - * not flagged the user or the sign-in as a risky event so far. Supports $filter (eq). Note: Details for this property are - * only available for Microsoft Entra ID P2 customers. All other customers are returned hidden. + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US */ - riskDetail?: NullableOption; + subjectNameFormatString?: string; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AospDeviceOwnerScepCertificateProfile extends AospDeviceOwnerCertificateProfileBase { + // Target store certificate. This collection can contain a maximum of 500 elements. Possible values are: user, machine. + certificateStore?: NullableOption; + // Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements. + customSubjectAlternativeNames?: NullableOption; + // SCEP Hash Algorithm. Possible values are: sha1, sha2. + hashAlgorithm?: HashAlgorithms; + // SCEP Key Size. Possible values are: size1024, size2048, size4096. + keySize?: KeySize; + // SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. + keyUsage?: KeyUsages; + // SCEP Server Url(s) + scepServerUrls?: NullableOption; + // Custom String that defines the AAD Attribute. + subjectAlternativeNameFormatString?: NullableOption; /** - * The list of risk event types associated with the sign-in. Possible values: unlikelyTravel, anonymizedIPAddress, - * maliciousIPAddress, unfamiliarFeatures, malwareInfectedIPAddress, suspiciousIPAddress, leakedCredentials, - * investigationsThreatIntelligence, generic, or unknownFutureValue. Supports $filter (eq, startsWith). + * Custom format to use with SubjectNameFormat = Custom. Example: CN={{EmailAddress}},E={{EmailAddress}},OU=Enterprise + * Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US */ - riskEventTypes_v2?: NullableOption; + subjectNameFormatString?: NullableOption; + // Certificate state for devices. This collection can contain a maximum of 2147483647 elements. + managedDeviceCertificateStates?: NullableOption; +} +export interface AospDeviceOwnerTrustedRootCertificate extends DeviceConfiguration { + // File name to display in UI. + certFileName?: NullableOption; + // Trusted Root Certificate + trustedRootCertificate?: string; +} +export interface AospDeviceOwnerWiFiConfiguration extends DeviceConfiguration { /** - * The aggregated risk level. Possible values: none, low, medium, high, hidden, or unknownFutureValue. The value hidden - * means the user or sign-in wasn't enabled for Microsoft Entra ID Protection. Supports $filter (eq). Note: Details for - * this property are only available for Microsoft Entra ID P2 customers. All other customers are returned hidden. + * Connect automatically when this network is in range. Setting this to true will skip the user prompt and automatically + * connect the device to Wi-Fi network. */ - riskLevelAggregated?: NullableOption; + connectAutomatically?: NullableOption; /** - * The risk level during sign-in. Possible values: none, low, medium, high, hidden, or unknownFutureValue. The value - * hidden means the user or sign-in wasn't enabled for Microsoft Entra ID Protection. Supports $filter (eq). Note: Details - * for this property are only available for Microsoft Entra ID P2 customers. All other customers are returned hidden. + * When set to true, this profile forces the device to connect to a network that doesn't broadcast its SSID to all + * devices. */ - riskLevelDuringSignIn?: NullableOption; + connectWhenNetworkNameIsHidden?: NullableOption; + // Network Name + networkName?: string; + // This is the pre-shared key for WPA Personal Wi-Fi network. + preSharedKey?: NullableOption; + // This is the pre-shared key for WPA Personal Wi-Fi network. + preSharedKeyIsSet?: boolean; + // Specify the proxy server configuration script URL. + proxyAutomaticConfigurationUrl?: NullableOption; + // List of hosts to exclude using the proxy on connections for. These hosts can use wildcards such as .example.com. + proxyExclusionList?: NullableOption; + // Specify the proxy server IP address. Both IPv4 and IPv6 addresses are supported. For example: 192.168.1.1. + proxyManualAddress?: NullableOption; + // Specify the proxy server port. + proxyManualPort?: NullableOption; /** - * The risk state of a risky user, sign-in, or a risk event. Possible values: none, confirmedSafe, remediated, dismissed, - * atRisk, confirmedCompromised, or unknownFutureValue. Supports $filter (eq). + * Specify the proxy setting for Wi-Fi configuration. Possible values include none, manual, and automatic. Possible values + * are: none, manual, automatic, unknownFutureValue. */ - riskState?: NullableOption; - // The unique identifier of the key credential used by the service principal to authenticate. - servicePrincipalCredentialKeyId?: NullableOption; - // The certificate thumbprint of the certificate used by the service principal to authenticate. - servicePrincipalCredentialThumbprint?: NullableOption; + proxySetting?: WiFiProxySetting; + // This is the name of the Wi-Fi network that is broadcast to all devices. + ssid?: string; /** - * The application identifier used for sign-in. This field is populated when you're signing in using an application. - * Supports $filter (eq, startsWith). + * Indicates whether Wi-Fi endpoint uses an EAP based security type. Possible values are: open, wep, wpaPersonal, + * wpaEnterprise. */ - servicePrincipalId?: string; + wiFiSecurityType?: AospDeviceOwnerWiFiSecurityType; +} +export interface AppCatalogs { + teamsApps?: NullableOption; +} +export interface AppConsentApprovalRoute extends Entity { /** - * The application name used for sign-in. This field is populated when you're signing in using an application. Supports - * $filter (eq, startsWith). + * A collection of appConsentRequest objects representing apps for which admin consent has been requested by one or more + * users. */ - servicePrincipalName?: NullableOption; - // Any conditional access session management policies that were applied during the sign-in event. - sessionLifetimePolicies?: NullableOption; + appConsentRequests?: NullableOption; +} +export interface AppConsentRequest extends Entity { + // The display name of the app for which consent is requested. Required. Supports $filter (eq only) and $orderby. + appDisplayName?: NullableOption; + // The identifier of the application. Required. Supports $filter (eq only) and $orderby. + appId?: string; /** - * Indicates the category of sign in that the event represents. For user sign ins, the category can be interactiveUser or - * nonInteractiveUser and corresponds to the value for the isInteractive property on the signin resource. For managed - * identity sign ins, the category is managedIdentity. For service principal sign-ins, the category is servicePrincipal. - * Possible values are: interactiveUser, nonInteractiveUser, servicePrincipal, managedIdentity, unknownFutureValue. - * Supports $filter (eq, ne). + * The consent type of the request. Possible values are: Static and Dynamic. These represent static and dynamic + * permissions, respectively, requested in the consent workflow. Supports $filter (eq only) and $orderby. Required. */ - signInEventTypes?: NullableOption; + consentType?: NullableOption; + // A list of pending scopes waiting for approval. This is empty if the consentType is Static. Required. + pendingScopes?: NullableOption; + // A list of pending user consent requests. Supports $filter (eq). + userConsentRequests?: NullableOption; +} +export interface AppCredentialSignInActivity extends Entity { + // The globally unique appId (also called client ID on the Microsoft Entra admin center) of the credential application. + appId?: string; + // The ID of the credential application instance. + appObjectId?: NullableOption; /** - * The identification that the user provided to sign in. It can be the userPrincipalName, but is also populated when a - * user signs in using other identifiers. + * The date and time when the credential was created. The Timestamp type represents date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - signInIdentifier?: NullableOption; + createdDateTime?: NullableOption; + // The type the key credential originated from. Possible values are: application, servicePrincipal, unknownFutureValue. + credentialOrigin?: ApplicationKeyOrigin; /** - * The type of sign in identifier. Possible values are: userPrincipalName, phoneNumber, proxyAddress, qrCode, - * onPremisesUserPrincipalName, unknownFutureValue. + * The date and time when the credential is set to expire. The Timestamp type represents date and time information using + * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - signInIdentifierType?: NullableOption; + expirationDateTime?: NullableOption; + // The key ID of the credential. + keyId?: string; + // Specifies the key type. The possible values are: clientSecret, certificate, unknownFutureValue. + keyType?: NullableOption; + // Specifies what the key was used for. The possible values are: sign, verify, unknownFutureValue. + keyUsage?: NullableOption; + // The ID of the accessed resource. + resourceId?: NullableOption; + // The ID of the service principal. + servicePrincipalObjectId?: NullableOption; + // The sign-in activity of the credential across all flows. + signInActivity?: SignInActivity; +} +export interface AppleDeviceFeaturesConfigurationBase extends DeviceConfiguration { + // An array of AirPrint printers that should always be shown. This collection can contain a maximum of 500 elements. + airPrintDestinations?: NullableOption; +} +export interface AppleEnrollmentProfileAssignment extends Entity { + // The assignment target for the Apple user initiated deployment profile. + target?: NullableOption; +} +export interface AppleExpeditedCheckinConfigurationBase extends DeviceConfiguration { + // Gets or sets whether to enable expedited device check-ins. + enableExpeditedCheckin?: boolean; +} +export interface AppleManagedIdentityProvider extends IdentityProviderBase { + // The certificate data that is a long string of text from the certificate, can be null. + certificateData?: NullableOption; + // The Apple developer identifier. Required. + developerId?: NullableOption; + // The Apple key identifier. Required. + keyId?: NullableOption; + // The Apple service identifier. Required. + serviceId?: NullableOption; +} +export interface ApplePushNotificationCertificate extends Entity { + // Apple Id of the account used to create the MDM push certificate. + appleIdentifier?: NullableOption; + certificate?: NullableOption; + // Certificate serial number. This property is read-only. + certificateSerialNumber?: NullableOption; + // The reason the certificate upload failed. + certificateUploadFailureReason?: NullableOption; + // The certificate upload status. + certificateUploadStatus?: NullableOption; + // The expiration date and time for Apple push notification certificate. + expirationDateTime?: string; + // Last modified date and time for Apple push notification certificate. + lastModifiedDateTime?: string; + // Topic Id. + topicIdentifier?: NullableOption; +} +export interface AppleUserInitiatedEnrollmentProfile extends Entity { + // List of available enrollment type options + availableEnrollmentTypeOptions?: NullableOption; + // Profile creation time + createdDateTime?: string; /** - * Token protection creates a cryptographically secure tie between the token and the device it is issued to. This field - * indicates whether the signin token was bound to the device or not. The possible values are: none, bound, unbound, - * unknownFutureValue. + * The default profile enrollment type. Possible values are: unknown, device, user, accountDrivenUserEnrollment, + * webDeviceEnrollment, unknownFutureValue. */ - signInTokenProtectionStatus?: NullableOption; + defaultEnrollmentType?: AppleUserInitiatedEnrollmentType; + // Description of the profile + description?: NullableOption; + // Name of the profile + displayName?: NullableOption; + // Profile last modified time + lastModifiedDateTime?: string; /** - * The sign-in status. Includes the error code and description of the error (for a sign-in failure). Supports $filter (eq) - * on errorCode property. + * The platform of the Device. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, + * windows81AndLater, windows10AndLater, androidWorkProfile, unknown, androidAOSP, androidMobileApplicationManagement, + * iOSMobileApplicationManagement, unknownFutureValue. */ - status?: NullableOption; - // The name of the identity provider. For example, sts.microsoft.com. Supports $filter (eq). - tokenIssuerName?: NullableOption; + platform?: DevicePlatformType; + // Priority, 0 is highest + priority?: number; + // The list of assignments for this profile. + assignments?: NullableOption; +} +export interface AppleVpnConfiguration extends DeviceConfiguration { + // Associated Domains + associatedDomains?: NullableOption; /** - * The type of identity provider. The possible values are: AzureAD, ADFederationServices, UnknownFutureValue, - * AzureADBackupAuth, ADFederationServicesMFAAdapter, NPSExtension. You must use the Prefer: include-unknown-enum-members - * request header to get the following values in this evolvable enum: AzureADBackupAuth , ADFederationServicesMFAAdapter , - * NPSExtension. + * Authentication method for this VPN connection. Possible values are: certificate, usernameAndPassword, sharedSecret, + * derivedCredential, azureAD. */ - tokenIssuerType?: NullableOption; + authenticationMethod?: VpnAuthenticationMethod; + // Connection name displayed to the user. + connectionName?: string; /** - * A unique base64 encoded request identifier used to track tokens issued by Microsoft Entra ID as they're redeemed at - * resource providers. + * Connection type. Possible values are: ciscoAnyConnect, pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, + * checkPointCapsuleVpn, customVpn, ciscoIPSec, citrix, ciscoAnyConnectV2, paloAltoGlobalProtect, zscalerPrivateAccess, + * f5Access2018, citrixSso, paloAltoGlobalProtectV2, ikEv2, alwaysOn, microsoftTunnel, netMotionMobility, + * microsoftProtect. */ - uniqueTokenIdentifier?: NullableOption; - // The user agent information related to sign-in. Supports $filter (eq, startsWith). - userAgent?: NullableOption; - // The display name of the user. Supports $filter (eq, startsWith). - userDisplayName?: NullableOption; - // The identifier of the user. Supports $filter (eq). - userId?: string; - // The UPN of the user. Supports $filter (eq, startsWith). - userPrincipalName?: NullableOption; - // Identifies whether the user is a member or guest in the tenant. Possible values are: member, guest, unknownFutureValue. - userType?: NullableOption; -} -export interface AuthenticationMethodsRoot extends Entity { + connectionType?: AppleVpnConnectionType; /** - * Represents the state of a user's authentication methods, including which methods are registered and which features the - * user is registered and capable of (such as multifactor authentication, self-service password reset, and passwordless - * authentication). + * Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, + * but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection + * can contain a maximum of 25 elements. */ - userRegistrationDetails?: NullableOption; -} -export interface UserRegistrationDetails extends Entity { + customData?: NullableOption; /** - * The method the user or admin selected as default for performing multifactor authentication for the user. The possible - * values are: none, mobilePhone, alternateMobilePhone, officePhone, microsoftAuthenticatorPush, softwareOneTimePasscode, - * unknownFutureValue. + * Custom data when connection type is set to Custom VPN. Use this field to enable functionality not supported by Intune, + * but available in your VPN solution. Contact your VPN vendor to learn how to add these key/value pairs. This collection + * can contain a maximum of 25 elements. */ - defaultMfaMethod?: NullableOption; + customKeyValueData?: NullableOption; + // Toggle to prevent user from disabling automatic VPN in the Settings app + disableOnDemandUserOverride?: NullableOption; + // Whether to disconnect after on-demand connection idles + disconnectOnIdle?: NullableOption; + // The length of time in seconds to wait before disconnecting an on-demand connection. Valid values 0 to 65535 + disconnectOnIdleTimerInSeconds?: NullableOption; /** - * Indicates whether the user has an admin role in the tenant. This value can be used to check the authentication methods - * that privileged accounts are registered for and capable of. + * Setting this to true creates Per-App VPN payload which can later be associated with Apps that can trigger this VPN + * conneciton on the end user's iOS device. */ - isAdmin?: NullableOption; + enablePerApp?: NullableOption; + // Send all network traffic through VPN. + enableSplitTunneling?: boolean; + // Domains that are accessed through the public internet instead of through VPN, even when per-app VPN is activated + excludedDomains?: NullableOption; /** - * Indicates whether the user has registered a strong authentication method for multifactor authentication. The method - * must be allowed by the authentication methods policy. Supports $filter (eq). + * Identifier provided by VPN vendor when connection type is set to Custom VPN. For example: Cisco AnyConnect uses an + * identifier of the form com.cisco.anyconnect.applevpn.plugin */ - isMfaCapable?: boolean; + identifier?: NullableOption; + // Login group or domain when connection type is set to Dell SonicWALL Mobile Connection. + loginGroupOrDomain?: NullableOption; + // On-Demand Rules. This collection can contain a maximum of 500 elements. + onDemandRules?: NullableOption; + // Opt-In to sharing the device's Id to third-party vpn clients for use during network access control validation. + optInToDeviceIdSharing?: NullableOption; + // Provider type for per-app VPN. Possible values are: notConfigured, appProxy, packetTunnel. + providerType?: NullableOption; + // Proxy Server. + proxyServer?: NullableOption; + // Realm when connection type is set to Pulse Secure. + realm?: NullableOption; + // Role when connection type is set to Pulse Secure. + role?: NullableOption; /** - * Indicates whether the user has registered a strong authentication method for multifactor authentication. The method may - * not necessarily be allowed by the authentication methods policy. Supports $filter (eq). + * Safari domains when this VPN per App setting is enabled. In addition to the apps associated with this VPN, Safari + * domains specified here will also be able to trigger this VPN connection. */ - isMfaRegistered?: boolean; + safariDomains?: NullableOption; + // VPN Server on the network. Make sure end users can access this network location. + server?: VpnServer; +} +export interface AppleVppTokenTroubleshootingEvent extends DeviceManagementTroubleshootingEvent { + // Apple Volume Purchase Program Token Identifier. + tokenId?: NullableOption; +} +export interface Application extends DirectoryObject { + // Specifies settings for an application that implements a web API. + api?: NullableOption; /** - * Indicates whether the user has registered a passwordless strong authentication method (including FIDO2, Windows Hello - * for Business, and Microsoft Authenticator (Passwordless)) that is allowed by the authentication methods policy. - * Supports $filter (eq). + * The unique identifier for the application that is assigned by Microsoft Entra ID. Not nullable. Read-only. Alternate + * key. Supports $filter (eq). */ - isPasswordlessCapable?: boolean; + appId?: NullableOption; /** - * Indicates whether the user has registered the required number of authentication methods for self-service password reset - * and the user is allowed to perform self-service password reset by policy. Supports $filter (eq). + * The collection of roles defined for the application. With app role assignments, these roles can be assigned to users, + * groups, or service principals associated with other applications. Not nullable. */ - isSsprCapable?: boolean; + appRoles?: AppRole[]; /** - * Indicates whether the user is allowed to perform self-service password reset by policy. The user may not necessarily - * have registered the required number of authentication methods for self-service password reset. Supports $filter (eq). + * The collection of authentication behaviors set for the application. Authentication behaviors are unset by default and + * must be explicitly enabled (or disabled). Returned only on $select. For more information about authentication + * behaviors, see Manage application authenticationBehaviors to avoid unverified use of email claims for user + * identification or authorization. */ - isSsprEnabled?: boolean; + authenticationBehaviors?: NullableOption; + // Specifies the certification status of the application. + certification?: NullableOption; /** - * Indicates whether the user has registered the required number of authentication methods for self-service password - * reset. The user may not necessarily be allowed to perform self-service password reset by policy. Supports $filter (eq). + * The date and time the application was registered. The DateTimeOffset type represents date and time information using + * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + * Supports $filter (eq, ne, not, ge, le, in, and eq on null values) and $orderby. */ - isSsprRegistered?: boolean; + createdDateTime?: NullableOption; /** - * Indicates whether system preferred authentication method is enabled. If enabled, the system dynamically determines the - * most secure authentication method among the methods registered by the user. Supports $filter (eq). + * The default redirect URI. If specified and there's no explicit redirect URI in the sign-in request for SAML and OIDC + * flows, Microsoft Entra ID sends the token to this redirect URI. Microsoft Entra ID also sends the token to this default + * URI in SAML IdP-initiated single sign-on. The value must match one of the configured redirect URIs for the application. */ - isSystemPreferredAuthenticationMethodEnabled?: NullableOption; + defaultRedirectUri?: NullableOption; /** - * The date and time (UTC) when the record was last updated. The DateTimeOffset type represents date and time information - * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Free text field to provide a description of the application object to end users. The maximum allowed size is 1,024 + * characters. Returned by default. Supports $filter (eq, ne, not, ge, le, startsWith) and $search. */ - lastUpdatedDateTime?: string; - // Collection of authentication methods registered, such as mobilePhone, email, fido2. Supports $filter (any with eq). - methodsRegistered?: NullableOption; + description?: NullableOption; /** - * Collection of authentication methods that the system determined to be the most secure authentication methods among the - * registered methods for second factor authentication. Possible values are: push, oath, voiceMobile, - * voiceAlternateMobile, voiceOffice, sms, none, unknownFutureValue. Supports $filter (any with eq). + * Specifies whether Microsoft has disabled the registered application. Possible values are: null (default value), + * NotDisabled, and DisabledDueToViolationOfServicesAgreement (reasons may include suspicious, abusive, or malicious + * activity, or a violation of the Microsoft Services Agreement). Supports $filter (eq, ne, not). */ - systemPreferredAuthenticationMethods?: NullableOption; - // The user display name, such as Adele Vance. Supports $filter (eq, startsWith) and $orderby. - userDisplayName?: string; + disabledByMicrosoftStatus?: NullableOption; /** - * The method the user selected as the default second-factor for performing multifactor authentication. Possible values - * are: push, oath, voiceMobile, voiceAlternateMobile, voiceOffice, sms, none, unknownFutureValue. + * The display name for the application. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null values), + * $search, and $orderby. */ - userPreferredMethodForSecondaryAuthentication?: NullableOption; - // The user principal name, such as AdeleV@contoso.com. Supports $filter (eq, startsWith) and $orderby. - userPrincipalName?: string; + displayName?: NullableOption; /** - * Identifies whether the user is a member or guest in the tenant. The possible values are: member, guest, - * unknownFutureValue. + * Configures the groups claim issued in a user or OAuth 2.0 access token that the application expects. To set this + * attribute, use one of the following string values: None, SecurityGroup (for security groups and Microsoft Entra roles), + * All (this gets all security groups, distribution groups, and Microsoft Entra directory roles that the signed-in user is + * a member of). */ - userType?: NullableOption; -} -export interface AuthenticationsMetric extends Entity { - appid?: NullableOption; - attemptsCount?: number; - country?: NullableOption; - factDate?: string; - os?: NullableOption; - successCount?: number; -} -export interface AzureADAuthentication extends Entity { - // A list of monthly serviceLevelAgreementAttainment objects. - attainments?: ServiceLevelAgreementAttainment[]; -} -export interface CredentialUsageSummary extends Entity { + groupMembershipClaims?: NullableOption; /** - * Represents the authentication method that the user used. Possible values are:email, mobileSMS, mobileCall, officePhone, - * securityQuestion (only used for self-service password reset), appNotification, appCode, alternateMobileCall (supported - * only in registration), fido, appPassword, unknownFutureValue. + * Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as + * the prefix for the scopes you reference in your API's code, and it must be globally unique. You can use the default + * value provided, which is in the form api://<application-client-id>, or specify a more readable URI like + * https://contoso.com/api. For more information on valid identifierUris patterns and best practices, see Microsoft Entra + * application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). */ - authMethod?: UsageAuthMethod; - // Provides the count of failed resets or registration data. - failureActivityCount?: number; - // Defines the feature to report. Possible values are: registration, reset, unknownFutureValue. - feature?: FeatureType; - // Provides the count of successful registrations or resets. - successfulActivityCount?: number; -} -export interface CredentialUserRegistrationCount extends Entity { - // Provides the count of users with accountEnabled set to true in the tenant. - totalUserCount?: number; - // A collection of registration count and status information for users in your tenant. - userRegistrationCounts?: UserRegistrationCount[]; -} -export interface CredentialUserRegistrationDetails extends Entity { + identifierUris?: string[]; /** - * Represents the authentication method that the user has registered. Possible values are: email, mobilePhone, - * officePhone, securityQuestion (only used for self-service password reset), appNotification, appCode, - * alternateMobilePhone (supported only in registration), fido, appPassword, unknownFutureValue. + * Basic profile information of the application, such as it's marketing, support, terms of service, and privacy statement + * URLs. The terms of service and privacy statement are surfaced to users through the user consent experience. For more + * information, see How to: Add Terms of service and privacy statement for registered Microsoft Entra apps. Supports + * $filter (eq, ne, not, ge, le, and eq on null values). */ - authMethods?: RegistrationAuthMethod[]; - // Indicates whether the user is ready to perform self-service password reset or MFA. - isCapable?: boolean; - // Indicates whether the user enabled to perform self-service password reset. - isEnabled?: boolean; - // Indicates whether the user is registered for MFA. - isMfaRegistered?: boolean; - // Indicates whether the user has registered any authentication methods for self-service password reset. - isRegistered?: boolean; - // Provides the user name of the corresponding user. - userDisplayName?: string; - // Provides the user principal name of the corresponding user. - userPrincipalName?: string; -} -// tslint:disable-next-line: interface-name -export interface InactiveUsersByApplicationMetricBase extends Entity { - appId?: NullableOption; - factDate?: string; - inactive30DayCount?: NullableOption; - inactive60DayCount?: NullableOption; - inactive90DayCount?: NullableOption; -} -export interface DailyInactiveUsersByApplicationMetric extends InactiveUsersByApplicationMetricBase { - inactive1DayCount?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface InactiveUsersMetricBase extends Entity { - factDate?: string; - inactive30DayCount?: NullableOption; - inactive60DayCount?: NullableOption; - inactive90DayCount?: NullableOption; -} -export interface DailyInactiveUsersMetric extends InactiveUsersMetricBase { - inactive1DayCount?: NullableOption; -} -export interface DailyUserInsightMetricsRoot extends Entity { - activeUsers?: NullableOption; - activeUsersBreakdown?: NullableOption; - authentications?: NullableOption; - inactiveUsers?: NullableOption; - inactiveUsersByApplication?: NullableOption; - mfaCompletions?: NullableOption; - signUps?: NullableOption; - summary?: NullableOption; - userCount?: NullableOption; -} -export interface MfaCompletionMetric extends Entity { - appId?: NullableOption; - attemptsCount?: number; - factDate?: string; - mfaMethod?: NullableOption; - os?: NullableOption; - successCount?: number; -} -export interface UserSignUpMetric extends Entity { - count?: number; - factDate?: string; - os?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface InsightSummary extends Entity { - activeUsers?: number; - appId?: string; - authenticationCompletions?: number; - authenticationRequests?: number; - factDate?: string; - os?: string; - securityTextCompletions?: number; - securityTextRequests?: number; - securityVoiceCompletions?: number; - securityVoiceRequests?: number; -} -export interface UserCountMetric extends Entity { - count?: number; - factDate?: string; -} -export interface Directory extends Entity { - impactedResources?: NullableOption; - // List of recommended improvements to improve tenant posture. - recommendations?: NullableOption; - // The credentials of the device's local administrator account backed up to Microsoft Entra ID. - deviceLocalCredentials?: NullableOption; - // Conceptual container for user and group directory objects. - administrativeUnits?: NullableOption; - // Group of related custom security attribute definitions. - attributeSets?: NullableOption; - certificateAuthorities?: NullableOption; - // Schema of a custom security attributes (key-value pairs). - customSecurityAttributeDefinitions?: NullableOption; - deletedItems?: NullableOption; + info?: NullableOption; + // Specifies whether this application supports device authentication without a user. The default is false. + isDeviceOnlyAuthSupported?: NullableOption; /** - * Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed - * protocol. + * Specifies the fallback application type as public client, such as an installed application running on a mobile device. + * The default value is false, which means the fallback application type is confidential client such as a web app. There + * are certain scenarios where Microsoft Entra ID can't determine the client application type. For example, the ROPC flow + * where the application is configured without specifying a redirect URI. In those cases Microsoft Entra ID interprets the + * application type based on the value of this property. */ - federationConfigurations?: NullableOption; - // A collection of external Azure AD users whose profile data has been shared with the Azure AD tenant. Nullable. - inboundSharedUserProfiles?: NullableOption; - // A container for on-premises directory synchronization functionalities that are available for the organization. - onPremisesSynchronization?: NullableOption; - outboundSharedUserProfiles?: NullableOption; - sharedEmailDomains?: NullableOption; - // List of commercial subscriptions that an organization has acquired. - subscriptions?: NullableOption; - featureRolloutPolicies?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface ImpactedResource extends Entity { - // The date and time when the impactedResource object was initially associated with the recommendation. - addedDateTime?: string; - // Additional information unique to the impactedResource to help contextualize the recommendation. - additionalDetails?: NullableOption; - // The URL link to the corresponding Microsoft Entra resource. - apiUrl?: NullableOption; - // Friendly name of the Microsoft Entra resource. - displayName?: string; - // Name of the user or service that last updated the status. - lastModifiedBy?: string; - // The date and time when the status was last updated. - lastModifiedDateTime?: string; - // The user responsible for maintaining the resource. - owner?: NullableOption; - // The URL link to the corresponding Microsoft Entra admin center page of the resource. - portalUrl?: NullableOption; - // The future date and time when the status of a postponed impactedResource will be active again. - postponeUntilDateTime?: NullableOption; - // Indicates the importance of the resource. A resource with a rank equal to 1 is of the highest importance. - rank?: NullableOption; - // The unique identifier of the recommendation that the resource is associated with. - recommendationId?: string; - // Indicates the type of Microsoft Entra resource. Examples include user, application. - resourceType?: string; + isFallbackPublicClient?: NullableOption; + // The collection of key credentials associated with the application. Not nullable. Supports $filter (eq, not, ge, le). + keyCredentials?: KeyCredential[]; + // The main logo for the application. Not nullable. + logo?: any; + // Notes relevant for the management of the application. + notes?: NullableOption; /** - * Indicates whether a resource needs to be addressed. The possible values are: active, completedBySystem, - * completedByUser, dismissed, postponed, unknownFutureValue. By default, a recommendation's status is set to active when - * the recommendation is first generated. Status is set to completedBySystem when our service detects that a resource - * which was once active no longer applies. + * Represents the set of properties required for configuring Application Proxy for this application. Configuring these + * properties allows you to publish your on-premises application for secure remote access. */ - status?: RecommendationStatus; + onPremisesPublishing?: NullableOption; /** - * The related unique identifier, depending on the resourceType. For example, this property is set to the applicationId if - * the resourceType is an application. + * Application developers can configure optional claims in their Microsoft Entra applications to specify the claims that + * are sent to their application by the Microsoft security token service. For more information, see How to: Provide + * optional claims to your app. */ - subjectId?: string; -} -export interface RecommendationBase extends Entity { - // List of actions to take to complete a recommendation. - actionSteps?: NullableOption; + optionalClaims?: NullableOption; + // Specifies parental control settings for an application. + parentalControlSettings?: NullableOption; + // The collection of password credentials associated with the application. Not nullable. + passwordCredentials?: PasswordCredential[]; + // Specifies settings for installed clients such as desktop or mobile devices. + publicClient?: NullableOption; + // The verified publisher domain for the application. Read-only. Supports $filter (eq, ne, ge, le, startsWith). + publisherDomain?: NullableOption; + // Specifies whether this application requires Microsoft Entra ID to verify the signed authentication requests. + requestSignatureVerification?: NullableOption; /** - * An explanation of why completing the recommendation will benefit you. Corresponds to the Value section of a - * recommendation shown in the Microsoft Entra admin center. + * Specifies the resources that the application needs to access. This property also specifies the set of delegated + * permissions and application roles that it needs for each of those resources. This configuration of access to the + * required resources drives the consent experience. No more than 50 resource services (APIs) can be configured. Beginning + * mid-October 2021, the total number of required permissions must not exceed 400. For more information, see Limits on + * requested permissions per app. Not nullable. Supports $filter (eq, not, ge, le). */ - benefits?: NullableOption; + requiredResourceAccess?: RequiredResourceAccess[]; /** - * Indicates the category of intelligent guidance that the recommendation falls under. The possible values are: - * identityBestPractice, identitySecureScore, unknownFutureValue. + * The URL where the service exposes SAML metadata for federation. This property is valid only for single-tenant + * applications. Nullable. */ - category?: RecommendationCategory; - // The date and time when the recommendation was detected as applicable to your directory. - createdDateTime?: string; - // The number of points the tenant has attained. Only applies to recommendations with category set to identitySecureScore. - currentScore?: NullableOption; - // The title of the recommendation. - displayName?: string; - // The directory feature that the recommendation is related to. - featureAreas?: NullableOption; - // The future date and time when a recommendation should be completed. - impactStartDateTime?: NullableOption; + samlMetadataUrl?: NullableOption; + // References application or service contact information from a Service or Asset Management database. Nullable. + serviceManagementReference?: NullableOption; /** - * Indicates the scope of impact of a recommendation. Tenant level indicates that the recommendation impacts the whole - * tenant. Other possible values include users, applications. + * Specifies whether sensitive properties of a multitenant application should be locked for editing after the application + * is provisioned in a tenant. Nullable. null by default. */ - impactType?: NullableOption; + servicePrincipalLockConfiguration?: NullableOption; /** - * Describes why a recommendation uniquely applies to your directory. Corresponds to the Description section of a - * recommendation shown in the Microsoft Entra admin center. + * Specifies the Microsoft accounts that are supported for the current application. The possible values are: AzureADMyOrg + * (default), AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, and PersonalMicrosoftAccount. See more in the + * table. The value of this object also limits the number of permissions an app can request. For more information, see + * Limits on requested permissions per app. The value for this property has implications on other app object properties. + * As a result, if you change this property, you may need to change other properties first. For more information, see + * Validation differences for signInAudience.Supports $filter (eq, ne, not). */ - insights?: NullableOption; - // The most recent date and time a recommendation was deemed applicable to your directory. - lastCheckedDateTime?: NullableOption; - // Name of the user who last updated the status of the recommendation. - lastModifiedBy?: NullableOption; - // The date and time the status of a recommendation was last updated. - lastModifiedDateTime?: NullableOption; - // The maximum number of points attainable. Only applies to recommendations with category set to identitySecureScore. - maxScore?: NullableOption; - // The future date and time when the status of a postponed recommendation will be active again. - postponeUntilDateTime?: NullableOption; + signInAudience?: NullableOption; /** - * Indicates the time sensitivity for a recommendation to be completed. Microsoft auto assigns this value. The possible - * values are: low, medium, high. + * Specifies settings for a single-page application, including sign out URLs and redirect URIs for authorization codes and + * access tokens. */ - priority?: RecommendationPriority; + spa?: NullableOption; /** - * Friendly shortname to identify the recommendation. The possible values are: adfsAppsMigration, enableDesktopSSO, - * enablePHS, enableProvisioning, switchFromPerUserMFA, tenantMFA, thirdPartyApps, turnOffPerUserMFA, useAuthenticatorApp, - * useMyApps, staleApps, staleAppCreds, applicationCredentialExpiry, servicePrincipalKeyExpiry, adminMFAV2, - * blockLegacyAuthentication, integratedApps, mfaRegistrationV2, pwagePolicyNew, passwordHashSync, oneAdmin, roleOverlap, - * selfServicePasswordReset, signinRiskPolicy, userRiskPolicy, verifyAppPublisher, privateLinkForAAD, - * appRoleAssignmentsGroups, appRoleAssignmentsUsers, managedIdentity, overprivilegedApps, unknownFutureValue, - * longLivedCredentials, aadConnectDeprecated, adalToMsalMigration, ownerlessApps, inactiveGuests. Also, please note that - * you must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this evolvable - * enum: longLivedCredentials, aadConnectDeprecated, adalToMsalMigration, ownerlessApps, inactiveGuests. + * Custom strings that can be used to categorize and identify the application. Not nullable. Strings added here also + * appear in the tags property of any associated service principals.Supports $filter (eq, not, ge, le, startsWith) and + * $search. */ - recommendationType?: NullableOption; + tags?: string[]; /** - * The current release type of the recommendation. The possible values are: preview, generallyAvailable, - * unknownFutureValue. + * Specifies the keyId of a public key from the keyCredentials collection. When configured, Microsoft Entra ID encrypts + * all the tokens it emits by using the key this property points to. The application code that receives the encrypted + * token must use the matching private key to decrypt the token before it can be used for the signed-in user. */ - releaseType?: NullableOption; + tokenEncryptionKeyId?: NullableOption; + // The unique identifier that can be assigned to an application and used as an alternate key. Immutable. Read-only. + uniqueName?: NullableOption; /** - * Description of the impact on users of the remediation. Only applies to recommendations with category set to - * identitySecureScore. + * Specifies the verified publisher of the application. For more information about how publisher verification helps + * support application security, trustworthiness, and compliance, see Publisher verification. */ - remediationImpact?: NullableOption; + verifiedPublisher?: NullableOption; + // Specifies settings for a web application. + web?: NullableOption; + // Specifies settings for apps running Microsoft Windows and published in the Microsoft Store or Xbox games store. + windows?: NullableOption; + // The appManagementPolicy applied to this application. + appManagementPolicies?: NullableOption; + // The connectorGroup the application is using with Microsoft Entra application proxy. Nullable. + connectorGroup?: NullableOption; + // Supports $filter (/$count eq 0, /$count ne 0). Read-only. + createdOnBehalfOf?: NullableOption; + // Read-only. Nullable. Supports $expand and $filter (/$count eq 0, /$count ne 0). + extensionProperties?: NullableOption; + // Federated identities for applications. Supports $expand and $filter (startsWith, /$count eq 0, /$count ne 0). + federatedIdentityCredentials?: NullableOption; + homeRealmDiscoveryPolicies?: NullableOption; /** - * Indicates the status of the recommendation based on user or system action. The possible values are: active, - * completedBySystem, completedByUser, dismissed, postponed, unknownFutureValue. By default, a recommendation's status is - * set to active when the recommendation is first generated. Status is set to completedBySystem when our service detects - * that a recommendation which was previously active no longer applies. + * Directory objects that are owners of the application. Read-only. Nullable. Supports $expand, $filter (/$count eq 0, + * /$count ne 0, /$count eq 1, /$count ne 1), and $select nested in $expand. */ - status?: RecommendationStatus; - // The list of directory objects associated with the recommendation. - impactedResources?: NullableOption; + owners?: NullableOption; + // Represents the capability for Microsoft Entra identity synchronization through the Microsoft Graph API. + synchronization?: NullableOption; + tokenIssuancePolicies?: NullableOption; + // The tokenLifetimePolicies assigned to this application. Supports $expand. + tokenLifetimePolicies?: NullableOption; } // tslint:disable-next-line: no-empty-interface -export interface Recommendation extends RecommendationBase {} -export interface DeviceLocalCredentialInfo extends Entity { - // The credentials of the device's local administrator account backed up to Azure Active Directory. - credentials?: DeviceLocalCredential[]; - // Display name of the device that the local credentials are associated with. - deviceName?: string; - // When the local administrator account credential was backed up to Microsoft Entra ID. - lastBackupDateTime?: string; - // When the local administrator account credential will be refreshed and backed up to Microsoft Entra ID. - refreshDateTime?: string; -} -export interface AdministrativeUnit extends DirectoryObject { - // An optional description for the administrative unit. Supports $filter (eq, ne, in, startsWith), $search. - description?: NullableOption; +export interface ApplicationSegment extends Entity {} +export interface ApplicationSignInDetailedSummary extends Entity { /** - * Display name for the administrative unit. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null - * values), $search, and $orderby. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - displayName?: NullableOption; + aggregatedEventDateTime?: NullableOption; + // Name of the application that the user signed in to. + appDisplayName?: string; + // ID of the application that the user signed in to. + appId?: string; + // Count of sign-ins made by the application. + signInCount?: NullableOption; + // Details of the sign-in status. + status?: NullableOption; +} +export interface ApplicationSignInSummary extends Entity { + // Name of the application that the user signed into. + appDisplayName?: string; + // Count of failed sign-ins made by the application. + failedSignInCount?: NullableOption; + // Count of successful sign-ins made by the application. + successfulSignInCount?: NullableOption; + // Percentage of successful sign-ins made by the application. + successPercentage?: NullableOption; +} +export interface ApplicationTemplate extends Entity { /** - * true if members of this administrative unit should be treated as sensitive, which requires specific permissions to - * manage. Default value is false. Use this property to define administrative units whose roles don't inherit from - * tenant-level administrators, and management of individual member objects is limited to administrators scoped to a - * restricted management administrative unit. Immutable, so can't be changed later. For more information about working - * with restricted management administrative units, see Restricted management administrative units in Microsoft Entra ID. + * The list of categories for the application. Supported values can be: Collaboration, Business Management, Consumer, + * Content management, CRM, Data services, Developer services, E-commerce, Education, ERP, Finance, Health, Human + * resources, IT infrastructure, Mail, Management, Marketing, Media, Productivity, Project management, Telecommunications, + * Tools, Travel, and Web design & hosting. */ - isMemberManagementRestricted?: NullableOption; + categories?: NullableOption; + // A description of the application. + description?: NullableOption; + // The name of the application. + displayName?: NullableOption; + // The home page URL of the application. + homePageUrl?: NullableOption; + informationalUrls?: NullableOption; + // The URL to get the logo for this application. + logoUrl?: NullableOption; + // The name of the publisher for this application. + publisher?: NullableOption; + supportedClaimConfiguration?: NullableOption; + // The list of provisioning modes supported by this application. The only valid value is sync. + supportedProvisioningTypes?: NullableOption; /** - * Controls whether the administrative unit and its members are hidden or public. Can be set to HiddenMembership or - * Public. If not set, the default behavior is Public. When set to HiddenMembership, only members of the administrative - * unit can list other members of the administrative unit. + * The list of single sign-on modes supported by this application. The supported values are oidc, password, saml, and + * notSupported. */ - visibility?: NullableOption; - // Users and groups that are members of this administrative unit. Supports $expand. - members?: NullableOption; - // Scoped-role members of this administrative unit. - scopedRoleMembers?: NullableOption; - // The collection of open extensions defined for this administrative unit. Nullable. - extensions?: NullableOption; + supportedSingleSignOnModes?: NullableOption; } -export interface AttributeSet extends Entity { - /** - * Description of the attribute set. Can be up to 128 characters long and include Unicode characters. Can be changed - * later. - */ - description?: NullableOption; +export interface AppLogCollectionRequest extends Entity { + // Time at which the upload log request reached a completed state if not completed yet NULL will be returned. + completedDateTime?: NullableOption; + // List of log folders. + customLogFolders?: NullableOption; + // Indicates error message if any during the upload process. + errorMessage?: NullableOption; /** - * Maximum number of custom security attributes that can be defined in this attribute set. Default value is null. If not - * specified, the administrator can add up to the maximum of 500 active attributes per tenant. Can be changed later. + * Indicates the status for the app log collection request if it is pending, completed or failed, Default is pending. + * Possible values are: pending, completed, failed, unknownFutureValue. */ - maxAttributesPerSet?: NullableOption; + status?: AppLogUploadState; } -export interface CertificateAuthorityPath extends Entity { +export interface AppManagementPolicy extends PolicyBase { + // Denotes whether the policy is enabled. + isEnabled?: boolean; + // Restrictions that apply to an application or service principal object. + restrictions?: NullableOption; + // Collection of application and service principals to which a policy is applied. + appliesTo?: NullableOption; +} +export interface AppRoleAssignment extends Entity { /** - * Defines the trusted certificate authorities for certificates that can be added to apps and service principals in the - * tenant. + * The identifier (id) for the app role which is assigned to the principal. This app role must be exposed in the appRoles + * property on the resource application's service principal (resourceId). If the resource application has not declared any + * app roles, a default app role ID of 00000000-0000-0000-0000-000000000000 can be specified to signal that the principal + * is assigned to the resource app without any specific app roles. Required on create. */ - certificateBasedApplicationConfigurations?: NullableOption; -} -export interface CustomSecurityAttributeDefinition extends Entity { - // Name of the attribute set. Case insensitive. - attributeSet?: string; + appRoleId?: string; /** - * Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Can be - * changed later. + * The time when the app role assignment was created. The Timestamp type represents date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - description?: NullableOption; + creationTimestamp?: NullableOption; /** - * Indicates whether multiple values can be assigned to the custom security attribute. Cannot be changed later. If type is - * set to Boolean, isCollection cannot be set to true. + * The display name of the user, group, or service principal that was granted the app role assignment. Read-only. Supports + * $filter (eq and startswith). */ - isCollection?: boolean; + principalDisplayName?: NullableOption; /** - * Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute - * values. Cannot be changed later. + * The unique identifier (id) for the user, security group, or service principal being granted the app role. Security + * groups with dynamic memberships are supported. Required on create. */ - isSearchable?: NullableOption; + principalId?: NullableOption; + // The type of the assigned principal. This can either be User, Group, or ServicePrincipal. Read-only. + principalType?: NullableOption; + // The display name of the resource app's service principal to which the assignment is made. + resourceDisplayName?: NullableOption; /** - * Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and - * include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive. + * The unique identifier (id) for the resource service principal for which the assignment is made. Required on create. + * Supports $filter (eq only). */ - name?: string; + resourceId?: NullableOption; +} +export interface Approval extends Entity { + // Used to represent the decision associated with a single step in the approval process configured in approvalStage. + steps?: NullableOption; +} +export interface ApprovalStep extends Entity { + // Indicates whether the step is assigned to the calling user to review. Read-only. + assignedToMe?: NullableOption; + // The label provided by the policy creator to identify an approval step. Read-only. + displayName?: NullableOption; + // The justification associated with the approval step decision. + justification?: NullableOption; /** - * Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and - * Deprecated. Can be changed later. + * The identifier of the reviewer. 00000000-0000-0000-0000-000000000000 if the assigned reviewer hasn't reviewed. + * Read-only. */ - status?: string; + reviewedBy?: NullableOption; /** - * Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Cannot be - * changed later. + * The date and time when a decision was recorded. The date and time information uses ISO 8601 format and is always in UTC + * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - type?: string; + reviewedDateTime?: NullableOption; + // The result of this approval record. Possible values include: NotReviewed, Approved, Denied. + reviewResult?: NullableOption; + // The step status. Possible values: InProgress, Initializing, Completed, Expired. Read-only. + status?: NullableOption; +} +export interface ApprovalWorkflowProvider extends Entity { + displayName?: string; + businessFlows?: NullableOption; + businessFlowsWithRequestsAwaitingMyDecision?: NullableOption; + policyTemplates?: NullableOption; +} +export interface AppScope extends Entity { /** - * Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form - * values are allowed. Can later be changed from true to false, but cannot be changed from false to true. If type is set - * to Boolean, usePreDefinedValuesOnly cannot be set to true. + * Provides the display name of the app-specific resource represented by the app scope. Provided for display purposes + * since appScopeId is often an immutable, non-human-readable id. This property is read only. */ - usePreDefinedValuesOnly?: NullableOption; + displayName?: NullableOption; /** - * Values that are predefined for this custom security attribute. This navigation property is not returned by default and - * must be specified in an $expand query. For example, - * /directory/customSecurityAttributeDefinitions?$expand=allowedValues. + * Describes the type of app-specific resource represented by the app scope and is provided for display purposes, so a + * user interface can convey to the user the kind of app specific resource represented by the app scope. This property is + * read only. */ - allowedValues?: NullableOption; + type?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface IdentityProviderBase extends Entity { - // The display name of the identity provider. +export interface AppVulnerabilityManagedDevice extends Entity { + // The device name. displayName?: NullableOption; + // The created date. + lastSyncDateTime?: string; + // The Intune managed device ID. + managedDeviceId?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface InboundSharedUserProfile { - // The name displayed in the address book for the user at the time when the sharing record was created. Read-only. - displayName?: string; - // The home tenant id of the external user. Read-only. - homeTenantId?: string; - // The object id of the external user. Read-only. - userId?: string; - // The user principal name (UPN) of the external user. Read-only. - userPrincipalName?: string; +export interface AppVulnerabilityMobileApp extends Entity { + // The created date. + createdDateTime?: string; + // The device name. + displayName?: NullableOption; + // The last modified date. + lastModifiedDateTime?: string; + // The Intune mobile app ID. + mobileAppId?: NullableOption; + // The app type. + mobileAppType?: NullableOption; + // The app version. + version?: NullableOption; } -export interface OnPremisesDirectorySynchronization extends Entity { - /** - * Consists of configurations that can be fine-tuned and impact the on-premises directory synchronization process for a - * tenant. - */ - configuration?: NullableOption; - // Consists of directory synchronization features that can be enabled or disabled. - features?: OnPremisesDirectorySynchronizationFeature; +export interface AppVulnerabilityTask extends DeviceAppManagementTask { + // The app name. + appName?: NullableOption; + // The app publisher. + appPublisher?: NullableOption; + // The app version. + appVersion?: NullableOption; + // Information about the mitigation. + insights?: NullableOption; + // The number of vulnerable devices. + managedDeviceCount?: number; + // The mitigation type. Possible values are: unknown, update, uninstall, securityConfiguration. + mitigationType?: AppVulnerabilityTaskMitigationType; + // The number of vulnerable mobile apps. + mobileAppCount?: number; + // The remediation steps. + remediation?: NullableOption; + // The vulnerable managed devices. + managedDevices?: NullableOption; + // The vulnerable mobile apps. + mobileApps?: NullableOption; } -export interface OutboundSharedUserProfile { - // The object id of the external user. Read-only. - userId?: string; - // The collection of external Microsoft Entra tenants that the user has shared profile data with. Read-only. - tenants?: NullableOption; +export interface AssignedComputeInstanceDetails extends Entity { + // Represents a set of S3 buckets accessed by this EC2 instance. + accessedStorageBuckets?: NullableOption; + // assigned EC2 instance. + assignedComputeInstance?: NullableOption; } -export interface SharedEmailDomain extends Entity { - provisioningStatus?: NullableOption; +export interface AssignmentFilterEvaluationStatusDetails extends Entity { + // PayloadId on which filter has been applied. + payloadId?: NullableOption; } -export interface CompanySubscription extends Entity { - // The ID of this subscription in the commerce system. Alternate key. - commerceSubscriptionId?: NullableOption; +// tslint:disable-next-line: no-empty-interface +export interface AssociatedTeamInfo extends TeamInfo {} +export interface Attachment extends Entity { + // The MIME type. + contentType?: NullableOption; + // true if the attachment is an inline attachment; otherwise, false. + isInline?: boolean; /** - * The date and time when this subscription was created. The DateTimeOffset type represents date and time information - * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - createdDateTime?: NullableOption; - // Whether the subscription is a free trial or purchased. - isTrial?: NullableOption; + lastModifiedDateTime?: NullableOption; + // The display name of the attachment. This does not need to be the actual file name. + name?: NullableOption; + // The length of the attachment in bytes. + size?: number; +} +export interface AttachmentBase extends Entity { + // The MIME type. + contentType?: NullableOption; /** - * The date and time when the subscription will move to the next state (as defined by the status property) if not renewed - * by the tenant. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC - * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - nextLifecycleDateTime?: NullableOption; - ocpSubscriptionId?: NullableOption; - // The object ID of the account admin. - ownerId?: NullableOption; - // The unique identifier for the Microsoft partner tenant that created the subscription on a customer tenant. - ownerTenantId?: NullableOption; - // Indicates the entity that ownerId belongs to, for example, 'User'. - ownerType?: NullableOption; - // The provisioning status of each service that's included in this subscription. - serviceStatus?: ServicePlanInfo[]; - // The object ID of the SKU associated with this subscription. - skuId?: NullableOption; - // The SKU associated with this subscription. - skuPartNumber?: NullableOption; - // The status of this subscription. Possible values are: Enabled, Deleted, Suspended, Warning, LockedOut. - status?: NullableOption; - // The number of seats included in this subscription. - totalLicenses?: NullableOption; + lastModifiedDateTime?: NullableOption; + // The display name of the attachment. This doesn't need to be the actual file name. + name?: NullableOption; + // The length of the attachment in bytes. + size?: number; } -export interface FeatureRolloutPolicy extends Entity { - // A description for this feature rollout policy. - description?: NullableOption; - // The display name for this feature rollout policy. - displayName?: string; - // Possible values are: passthroughAuthentication, seamlessSso, passwordHashSync, emailAsAlternateId, unknownFutureValue. - feature?: StagedFeatureName; - // Indicates whether this feature rollout policy should be applied to the entire organization. - isAppliedToOrganization?: boolean; - // Indicates whether the feature rollout is enabled. - isEnabled?: boolean; - // Nullable. Specifies a list of directoryObjects that feature is enabled for. - appliesTo?: NullableOption; +export interface AttachmentSession extends Entity { + // The content streams that are uploaded. + content?: NullableOption; + /** + * The date and time in UTC when the upload session will expire. The complete file must be uploaded before this expiration + * time is reached. + */ + expirationDateTime?: NullableOption; + // Indicates a single value {start} that represents the location in the file where the next upload should begin. + nextExpectedRanges?: NullableOption; } -export interface GovernanceInsight extends Entity { - // Indicates when the insight was created. - insightCreatedDateTime?: NullableOption; +export interface AttackSimulationOperation extends LongRunningOperation { + // Percentage of completion of the respective operation. + percentageCompleted?: number; + // Tenant identifier. + tenantId?: NullableOption; + // The attack simulation operation type. Possible values are: createSimulation, updateSimulation, unknownFutureValue. + type?: NullableOption; } -export interface MembershipOutlierInsight extends GovernanceInsight { - // Indicates the identifier of the container, for example, a group ID. - containerId?: string; - // Indicates the identifier of the user. - memberId?: string; - // Indicates the type of container. The possible values are: group, unknownFutureValue. - outlierContainerType?: OutlierContainerType; - // Indicates the type of outlier member. The possible values are: user, unknownFutureValue. - outlierMemberType?: OutlierMemberType; - // Navigation link to the container directory object. For example, to a group. - container?: NullableOption; - // Navigation link to a member object who modified the record. For example, to a user. - lastModifiedBy?: NullableOption; - // Navigation link to a member object. For example, to a user. - member?: NullableOption; +export interface AttackSimulationRoot extends Entity { + // Represents an end user's notification for an attack simulation training. + endUserNotifications?: NullableOption; + // Represents an attack simulation training landing page. + landingPages?: NullableOption; + // Represents an attack simulation training login page. + loginPages?: NullableOption; + // Represents an attack simulation training operation. + operations?: NullableOption; + // Represents an attack simulation training campaign payload in a tenant. + payloads?: NullableOption; + // Represents simulation automation created to run on a tenant. + simulationAutomations?: NullableOption; + // Represents an attack simulation training campaign in a tenant. + simulations?: NullableOption; + // Represents a training campaign in a tenant. + trainingCampaigns?: NullableOption; + // Represents details about attack simulation trainings. + trainings?: NullableOption; } -export interface MonthlyInactiveUsersByApplicationMetric extends InactiveUsersByApplicationMetricBase { - inactiveCalendarMonthCount?: NullableOption; +export interface AttendanceRecord extends Entity { + // List of time periods between joining and leaving a meeting. + attendanceIntervals?: NullableOption; + // Email address of the user associated with this attendance record. + emailAddress?: NullableOption; + /** + * Identity of the user associated with this attendance record. The specific type will be one of the following derived + * types of identity, depending on the type of the user: communicationsUserIdentity, + * azureCommunicationServicesUserIdentity. + */ + identity?: NullableOption; + // Unique identifier of a meetingRegistrant. Presents when the participant has registered for the meeting. + registrantId?: NullableOption; + // Role of the attendee. Possible values are: None, Attendee, Presenter, and Organizer. + role?: NullableOption; + // Total duration of the attendances in seconds. + totalAttendanceInSeconds?: NullableOption; } -export interface MonthlyInactiveUsersMetric extends InactiveUsersMetricBase { - inactiveCalendarMonthCount?: NullableOption; +export interface AttributeMappingFunctionSchema extends Entity { + // Collection of function parameters. + parameters?: NullableOption; } -export interface MonthlyUserInsightMetricsRoot extends Entity { - activeUsers?: NullableOption; - activeUsersBreakdown?: NullableOption; - authentications?: NullableOption; - inactiveUsers?: NullableOption; - inactiveUsersByApplication?: NullableOption; - mfaCompletions?: NullableOption; - requests?: NullableOption; - signUps?: NullableOption; - summary?: NullableOption; +export interface AttributeSet extends Entity { + /** + * Description of the attribute set. Can be up to 128 characters long and include Unicode characters. Can be changed + * later. + */ + description?: NullableOption; + /** + * Maximum number of custom security attributes that can be defined in this attribute set. Default value is null. If not + * specified, the administrator can add up to the maximum of 500 active attributes per tenant. Can be changed later. + */ + maxAttributesPerSet?: NullableOption; } -export interface UserRequestsMetric extends Entity { - factDate?: string; - requestCount?: number; +export interface AudioRoutingGroup extends Entity { + // List of receiving participant ids. + receivers?: NullableOption; + // Routing group mode. Possible values are: oneToOne, multicast. + routingMode?: RoutingMode; + // List of source participant ids. + sources?: NullableOption; } -export interface RelyingPartyDetailedSummary extends Entity { - // Number of failed sign in on Active Directory Federation Service in the period specified. - failedSignInCount?: number; +export interface AuditEvent extends Entity { + // Friendly name of the activity. + activity?: NullableOption; + // The date time in UTC when the activity was performed. + activityDateTime?: string; + // The HTTP operation type of the activity. + activityOperationType?: NullableOption; + // The result of the activity. + activityResult?: NullableOption; + // The type of activity that was being performed. + activityType?: NullableOption; + // AAD user and application that are associated with the audit event. + actor?: NullableOption; + // Audit category. + category?: NullableOption; + // Component name. + componentName?: NullableOption; + // The client request Id that is used to correlate activity within the system. + correlationId?: string; + // Event display name. + displayName?: NullableOption; + // Resources being modified. + resources?: NullableOption; +} +export interface AuditLogRoot { + // Represents a custom security attribute audit log. + customSecurityAttributeAudits?: NullableOption; + directoryAudits?: NullableOption; + directoryProvisioning?: NullableOption; + // Represents an action performed by the Microsoft Entra provisioning service and its associated properties. + provisioning?: NullableOption; + signIns?: NullableOption; +} +export interface Authentication extends Entity { /** - * Indication of whether the application can be moved to Microsoft Entra ID or require more investigation. Possible values - * are: ready, needsReview, additionalStepsRequired, unknownFutureValue. + * The settings and preferences for to the sign-in experience of a user. Use this property to configure the user's default + * multifactor authentication (MFA) method. */ - migrationStatus?: MigrationStatus; + signInPreferences?: NullableOption; + // Represents the email addresses registered to a user for authentication. + emailMethods?: NullableOption; + // Represents the FIDO2 security keys registered to a user for authentication. + fido2Methods?: NullableOption; + // Represents all authentication methods registered to a user. + methods?: NullableOption; + // The details of the Microsoft Authenticator app registered to a user for authentication. + microsoftAuthenticatorMethods?: NullableOption; + operations?: NullableOption; + // Represents the Microsoft Authenticator Passwordless Phone Sign-in methods registered to a user for authentication. + passwordlessMicrosoftAuthenticatorMethods?: NullableOption; + // Represents the details of the password authentication method registered to a user for authentication. + passwordMethods?: NullableOption; + // Represents the phone registered to a user for authentication. + phoneMethods?: NullableOption; + platformCredentialMethods?: NullableOption; + softwareOathMethods?: NullableOption; + // Represents a Temporary Access Pass registered to a user for authentication through time-limited passcodes. + temporaryAccessPassMethods?: NullableOption; + // Represents the Windows Hello for Business authentication method registered to a user for authentication. + windowsHelloForBusinessMethods?: NullableOption; +} +export interface AuthenticationCombinationConfiguration extends Entity { /** - * Specifies all the validations check done on applications configuration details to evaluate if the application is ready - * to be moved to Microsoft Entra ID. + * Which authentication method combinations this configuration applies to. Must be an allowedCombinations object defined + * for the authenticationStrengthPolicy. For fido2combinationConfigurations use 'fido2', for + * x509certificatecombinationconfiguration use 'x509CertificateSingleFactor' or 'x509CertificateMultiFactor'. */ - migrationValidationDetails?: KeyValuePair[]; + appliesToCombinations?: AuthenticationMethodModes[]; +} +export interface AuthenticationConditionApplication { + // The identifier for an application corresponding to a condition which will trigger an authenticationEventListener. + appId?: string; +} +export interface AuthenticationContextClassReference extends Entity { /** - * This identifier is used to identify the relying party to this Federation Service. It is used when issuing claims to the - * relying party. + * A short explanation of the policies that are enforced by authenticationContextClassReference. This value should be used + * to provide secondary text to describe the authentication context class reference when building user facing admin + * experiences. For example, selection UX. */ - relyingPartyId?: string; + description?: NullableOption; /** - * Name of application or other entity on the internet that uses an identity provider to authenticate a user who wants to - * log in. + * A friendly name that identifies the authenticationContextClassReference object when building user-facing admin + * experiences. For example, a selection UX. */ - relyingPartyName?: string; - // Specifies where the relying party expects to receive the token. - replyUrls?: string[]; - // Uniquely identifies the Active Directory forest. - serviceId?: string; + displayName?: NullableOption; /** - * Number of successful / (number of successful + number of failed sign ins) on Active Directory Federation Service in the - * period specified. + * Indicates whether the authenticationContextClassReference has been published by the security admin and is ready for use + * by apps. When it's set to false, it shouldn't be shown in selection UX used to tag resources with authentication + * context class values. It will still be shown in the Conditional Access policy authoring experience. Supports $filter + * (eq). */ - signInSuccessRate?: number; - // Number of successful sign ins on Active Directory Federation Service. - successfulSignInCount?: number; - // Number of successful + failed sign ins failed sign ins on Active Directory Federation Service in the period specified. - totalSignInCount?: number; - // Number of unique users that have signed into the application. - uniqueUserCount?: number; + isAvailable?: NullableOption; } -export interface ReportRoot extends Entity { - // Represents a collection of sign-in activities of application credentials. - appCredentialSignInActivities?: NullableOption; - // Represents a detailed summary of an application sign-in. - applicationSignInDetailedSummary?: NullableOption; - // Container for navigation properties for Microsoft Entra authentication methods resources. - authenticationMethods?: NullableOption; - // Details of the usage of self-service password reset and multi-factor authentication (MFA) for all registered users. - credentialUserRegistrationDetails?: NullableOption; - // A placeholder to the Microsoft Entra service activity. - serviceActivity?: NullableOption; - // Represents a collection of sign-in activities of service principals. - servicePrincipalSignInActivities?: NullableOption; - // A placeholder to allow for the desired URL path for SLA. - sla?: NullableOption; - // Represents the self-service password reset (SSPR) usage for a given tenant. - userCredentialUsageDetails?: NullableOption; - userInsights?: NullableOption; - dailyPrintUsage?: NullableOption; - // Retrieve a list of daily print usage summaries, grouped by printer. - dailyPrintUsageByPrinter?: NullableOption; - // Retrieve a list of daily print usage summaries, grouped by user. - dailyPrintUsageByUser?: NullableOption; - dailyPrintUsageSummariesByPrinter?: NullableOption; - dailyPrintUsageSummariesByUser?: NullableOption; - // Retrieve a list of monthly print usage summaries, grouped by printer. - monthlyPrintUsageByPrinter?: NullableOption; - // Retrieve a list of monthly print usage summaries, grouped by user. - monthlyPrintUsageByUser?: NullableOption; - monthlyPrintUsageSummariesByPrinter?: NullableOption; - monthlyPrintUsageSummariesByUser?: NullableOption; - // Provides the ability to launch a realistically simulated phishing attack that organizations can learn from. - security?: NullableOption; +export interface AuthenticationEventListener extends Entity { + // The identifier of the authenticationEventsFlow object. + authenticationEventsFlowId?: NullableOption; + // The conditions on which this authenticationEventListener should trigger. + conditions?: NullableOption; + // The priority of this handler. Between 0 (lower priority) and 1000 (higher priority). + priority?: number; } -// tslint:disable-next-line: no-empty-interface -export interface ServiceActivity extends Entity {} -export interface ServicePrincipalSignInActivity extends Entity { - // The application ID of the resource. - appId?: string; +export interface AuthenticationEventsFlow extends Entity { /** - * The sign-in activity of the application in a app-only authentication flow (app-to-app tokens) where the application - * acts like a client. + * The conditions representing the context of the authentication request that will be used to decide whether the events + * policy will be invoked. */ - applicationAuthenticationClientSignInActivity?: NullableOption; + conditions?: NullableOption; + // The description of the events policy. + description?: NullableOption; + // Required. The display name for the events policy. + displayName?: string; /** - * The sign-in activity of the application in a app-only authentication flow (app-to-app tokens) where the application - * acts like a resource. + * The priority to use for each individual event of the events policy. If multiple competing listeners for an event have + * the same priority, one is chosen and an error is silently logged. Defaults to 500. */ - applicationAuthenticationResourceSignInActivity?: NullableOption; - // The sign-in activity of the application in a delegated flow (user sign-in) where the application acts like a client. - delegatedClientSignInActivity?: NullableOption; - // The sign-in activity of the application in a delegated flow (user sign-in) where the application acts like a resource. - delegatedResourceSignInActivity?: NullableOption; + priority?: number; +} +export interface AuthenticationEventsPolicy extends Entity { + // A list of applicable actions to be taken on sign-up. + onSignupStart?: NullableOption; +} +export interface AuthenticationFlowsPolicy extends Entity { + // Inherited property. A description of the policy. This property isn't a key. Optional. Read-only. + description?: NullableOption; + // Inherited property. The human-readable name of the policy. This property isn't a key. Optional. Read-only. + displayName?: NullableOption; /** - * The most recent sign-in activity of the application across delegated or app-only flows where the application is used - * either as a client or resource. + * Contains selfServiceSignUpAuthenticationFlowConfiguration settings that convey whether self-service sign-up is enabled + * or disabled. This property isn't a key. Optional. Read-only. */ - lastSignInActivity?: NullableOption; -} -export interface ServiceLevelAgreementRoot extends Entity { - // Collects the Microsoft Entra SLA attainment for each month for a Microsoft Entra tenant. - azureADAuthentication?: NullableOption; + selfServiceSignUp?: NullableOption; } -export interface UserCredentialUsageDetails extends Entity { +export interface AuthenticationListener extends Entity { /** - * Represents the authentication method that the user used. Possible values are:email, mobileSMS, mobileCall, officePhone, - * securityQuestion (only used for self-service password reset), appNotification, appCode, alternateMobileCall (supported - * only in registration), fido, appPassword,unknownFutureValue + * The priority of the listener. Determines the order of evaluation when an event has multiple listeners. The priority is + * evaluated from low to high. */ - authMethod?: UsageAuthMethod; + priority?: number; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Filter based on the source of the authentication that is used to determine whether the listener is evaluated, and is + * currently limited to evaluations based on application the user is authenticating to. */ - eventDateTime?: string; - // Provides the failure reason for the corresponding reset or registration workflow. - failureReason?: string; - // Possible values are: registration, reset, unknownFutureValue. - feature?: FeatureType; - // Indicates success or failure of the workflow. - isSuccess?: boolean; - // User name of the user performing the reset or registration workflow. - userDisplayName?: string; - // User principal name of the user performing the reset or registration workflow. - userPrincipalName?: string; -} -export interface UserInsightsRoot extends Entity { - daily?: NullableOption; - monthly?: NullableOption; -} -export interface PrintUsage extends Entity { - blackAndWhitePageCount?: NullableOption; - colorPageCount?: NullableOption; - completedBlackAndWhiteJobCount?: number; - completedColorJobCount?: number; - completedJobCount?: NullableOption; - doubleSidedSheetCount?: NullableOption; - incompleteJobCount?: number; - mediaSheetCount?: NullableOption; - pageCount?: NullableOption; - singleSidedSheetCount?: NullableOption; - usageDate?: string; + sourceFilter?: NullableOption; } -export interface PrintUsageByPrinter extends PrintUsage { - printerId?: string; - // The name of the printer represented by these statistics. - printerName?: NullableOption; +// tslint:disable-next-line: no-empty-interface +export interface AuthenticationMethod extends Entity {} +export interface AuthenticationMethodConfiguration extends Entity { + // Groups of users that are excluded from a policy. + excludeTargets?: NullableOption; + // The state of the policy. Possible values are: enabled, disabled. + state?: NullableOption; } -export interface PrintUsageByUser extends PrintUsage { - // The UPN of the user represented by these statistics. - userPrincipalName?: string; +export interface AuthenticationMethodModeDetail extends Entity { + /** + * The authentication method that this mode modifies. The possible values are: password, voice, hardwareOath, + * softwareOath, sms, fido2, windowsHelloForBusiness, microsoftAuthenticator, temporaryAccessPass, email, x509Certificate, + * federation, unknownFutureValue. + */ + authenticationMethod?: BaseAuthenticationMethod; + // The display name of this mode + displayName?: string; } -// tslint:disable-next-line: no-empty-interface -export interface SecurityReportsRoot extends Entity {} -// tslint:disable-next-line: interface-name -export interface Invitation extends Entity { - // The display name of the user being invited. - invitedUserDisplayName?: NullableOption; +export interface AuthenticationMethodsPolicy extends Entity { + // A description of the policy. + description?: NullableOption; + // The name of the policy. + displayName?: NullableOption; + // The date and time of the last update to the policy. + lastModifiedDateTime?: NullableOption; /** - * The email address of the user being invited. Required. The following special characters aren't permitted in the email - * address:Tilde (~)Exclamation point (!)At sign (@)Number sign (#)Dollar sign ($)Percent (%)Circumflex (^)Ampersand - * (&)Asterisk (*)Parentheses (( ))Hyphen (-)Plus sign (+)Equal sign (=)Brackets ([ ])Braces ({ })Backslash (/)Slash - * mark (/)Pipe (` + * The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service + * password reset (SSPR) policies. The possible values are: premigration - means the authentication methods policy is used + * for authentication only, legacy policies are respected. migrationInProgress - means the authentication methods policy + * is used for both authentication and SSPR, legacy policies are respected. migrationComplete - means the authentication + * methods policy is used for authentication and SSPR, legacy policies are ignored. unknownFutureValue - Evolvable + * enumeration sentinel value. Don't use. */ - invitedUserEmailAddress?: string; + policyMigrationState?: NullableOption; + // The version of the policy in use. + policyVersion?: NullableOption; + // Days before the user will be asked to reconfirm their method. + reconfirmationInDays?: NullableOption; /** - * Additional configuration for the message being sent to the invited user, including customizing message text, language - * and cc recipient list. + * Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication + * methods. */ - invitedUserMessageInfo?: NullableOption; + registrationEnforcement?: NullableOption; /** - * The userType of the user being invited. By default, this is Guest. You can invite as Member if you're a company - * administrator. The default is false. + * Enable users to report unexpected voice call or phone app notification multi-factor authentication prompts as + * suspicious. */ - invitedUserType?: NullableOption; - // The URL the user can use to redeem their invitation. Read-only. - inviteRedeemUrl?: NullableOption; - // The URL user should be redirected to once the invitation is redeemed. Required. - inviteRedirectUrl?: string; + reportSuspiciousActivitySettings?: NullableOption; + // Prompt users with their most-preferred credential for multifactor authentication. + systemCredentialPreferences?: NullableOption; /** - * Reset the user's redemption status and reinvite a user while retaining their user identifier, group memberships, and - * app assignments. This property allows you to enable a user to sign-in using a different email address from the one in - * the previous invitation. For more information about using this property, see Reset redemption status for a guest user - * (Preview). + * Represents the settings for each authentication method. Automatically expanded on GET + * /policies/authenticationMethodsPolicy. */ - resetRedemption?: NullableOption; - // Indicates whether an email should be sent to the user being invited. The default is false. - sendInvitationMessage?: NullableOption; - // The status of the invitation. Possible values: PendingAcceptance, Completed, InProgress, and Error - status?: NullableOption; - // The user created as part of the invitation creation. Read-Only - invitedUser?: NullableOption; + authenticationMethodConfigurations?: NullableOption; +} +export interface AuthenticationMethodsRoot extends Entity { /** - * The users or groups who are sponsors of the invited user. Sponsors are users and groups that are responsible for guest - * users' privileges in the tenant and for keeping the guest users' information and access up to date. + * Represents the state of a user's authentication methods, including which methods are registered and which features the + * user is registered and capable of (such as multifactor authentication, self-service password reset, and passwordless + * authentication). */ - invitedUserSponsors?: NullableOption; + userRegistrationDetails?: NullableOption; } -export interface ActivityStatistics extends Entity { - // The type of activity for which statistics are returned. The possible values are: call, chat, email, focus, and meeting. - activity?: NullableOption; - // Total hours spent on the activity. The value is represented in ISO 8601 format for durations. - duration?: string; +export interface AuthenticationMethodTarget extends Entity { + // Determines if the user is enforced to register the authentication method. + isRegistrationRequired?: boolean; /** - * Date when the activity ended, expressed in ISO 8601 format for calendar dates. For example, the property value could be - * '2019-07-03' that follows the YYYY-MM-DD format. + * Possible values are: group, and unknownFutureValue. From December 2022, targeting individual users using user is no + * longer recommended. Existing targets remain but we recommend moving the individual users to a targeted group. */ - endDate?: string; + targetType?: AuthenticationMethodTargetType; +} +export interface AuthenticationsMetric extends Entity { + // The ID of the Microsoft Entra application. Supports $filter (eq). + appid?: NullableOption; + // The number of authentication requests made in the specified period. Supports $filter (eq). + attemptsCount?: number; + // The location where the customers authenticated from. Supports $filter (eq). + country?: NullableOption; + // The date of the user insight. + factDate?: NullableOption; + identityProvider?: NullableOption; + language?: NullableOption; + // The platform for the device that the customers used. Supports $filter (eq). + os?: NullableOption; + // Number of successful authentication requests. Supports $filter (eq). + successCount?: number; +} +export interface AuthenticationStrengthPolicy extends Entity { + // A collection of authentication method modes that are required be used to satify this authentication strength. + allowedCombinations?: AuthenticationMethodModes[]; + // The datetime when this policy was created. + createdDateTime?: string; + // The human-readable description of this policy. + description?: NullableOption; + // The human-readable display name of this policy. Supports $filter (eq, ne, not , and in). + displayName?: string; + // The datetime when this policy was last modified. + modifiedDateTime?: string; /** - * Date when the activity started, expressed in ISO 8601 format for calendar dates. For example, the property value could - * be '2019-07-04' that follows the YYYY-MM-DD format. + * A descriptor of whether this policy is built into Microsoft Entra Conditional Access or created by an admin for the + * tenant. The possible values are: builtIn, custom, unknownFutureValue. Supports $filter (eq, ne, not , and in). */ - startDate?: string; + policyType?: AuthenticationStrengthPolicyType; /** - * The time zone that the user sets in Microsoft Outlook is used for the computation. For example, the property value - * could be 'Pacific Standard Time.' + * A descriptor of whether this authentication strength grants the MFA claim upon successful satisfaction. The possible + * values are: none, mfa, unknownFutureValue. */ - timeZoneUsed?: NullableOption; -} -export interface CallActivityStatistics extends ActivityStatistics { + requirementsSatisfied?: AuthenticationStrengthRequirements; /** - * Time spent on calls outside of working hours, which is based on the user's Outlook calendar setting for work hours. The - * value is represented in ISO 8601 format for durations. + * Settings that may be used to require specific types or instances of an authentication method to be used when + * authenticating with a specified combination of authentication methods. */ - afterHours?: string; + combinationConfigurations?: NullableOption; } -export interface ChatActivityStatistics extends ActivityStatistics { +export interface AuthenticationStrengthRoot extends Entity { + // A collection of all valid authentication method combinations in the system. + authenticationCombinations?: AuthenticationMethodModes[]; + combinations?: AuthenticationMethodModes[]; + // Names and descriptions of all valid authentication method modes in the system. + authenticationMethodModes?: NullableOption; /** - * Time spent on chats outside of working hours, which is based on the user's Microsoft Outlook calendar setting for work - * hours. The value is represented in ISO 8601 format for durations. + * A collection of authentication strength policies that exist for this tenant, including both built-in and custom + * policies. */ - afterHours?: string; + policies?: NullableOption; } -export interface EmailActivityStatistics extends ActivityStatistics { +export interface AuthoredNote extends Entity { + // Identity information about the note's author. + author?: NullableOption; + // The content of the note. + content?: NullableOption; /** - * Total hours spent on email outside of working hours, which is based on the user's Outlook calendar setting for work - * hours. The value is represented in ISO 8601 format for durations. + * The date and time when the entity was created. The Timestamp type represents date and time information using ISO 8601 + * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - afterHours?: string; - // Total hours spent reading email. The value is represented in ISO 8601 format for durations. - readEmail?: string; - // Total hours spent writing and sending email. The value is represented in ISO 8601 format for durations. - sentEmail?: string; + createdDateTime?: NullableOption; } -// tslint:disable-next-line: no-empty-interface -export interface FocusActivityStatistics extends ActivityStatistics {} -export interface MeetingActivityStatistics extends ActivityStatistics { +export interface AuthorizationPolicy extends PolicyBase { + // Indicates whether users can sign up for email based subscriptions. + allowedToSignUpEmailBasedSubscriptions?: boolean; /** - * Time spent on meetings outside of working hours, which is based on the user's Outlook calendar setting for work hours. - * The value is represented in ISO 8601 format for durations. + * Indicates whether administrators of the tenant can use the Self-Service Password Reset (SSPR). For more information, + * see Self-service password reset for administrators. */ - afterHours?: string; + allowedToUseSSPR?: boolean; + // Indicates whether a user can join the tenant by email validation. + allowEmailVerifiedUsersToJoinOrganization?: boolean; /** - * Time spent in conflicting meetings (meetings that overlap with other meetings that the person accepted and where the - * person’s status is set to Busy). The value is represented in ISO 8601 format for durations. + * Indicates who can invite guests to the organization. Possible values are: none, adminsAndGuestInviters, + * adminsGuestInvitersAndAllMembers, everyone. everyone is the default setting for all cloud environments except US + * Government. For more information, see allowInvitesFrom values. */ - conflicting?: string; - // Time spent in long meetings (more than an hour in duration). The value is represented in ISO 8601 format for durations. - long?: string; + allowInvitesFrom?: NullableOption; /** - * Time spent in meetings where the person was multitasking (read/sent more than a minimum number of emails and/or sent - * more than a minimum number of messages in Teams or in Skype for Business). The value is represented in ISO 8601 format - * for durations. + * Indicates whether user consent for risky apps is allowed. Default value is false. We recommend that you keep the value + * set to false. */ - multitasking?: string; - // Time spent in meetings organized by the user. The value is represented in ISO 8601 format for durations. - organized?: string; - // Time spent on recurring meetings. The value is represented in ISO 8601 format for durations. - recurring?: string; -} -export interface ApplicationTemplate extends Entity { + allowUserConsentForRiskyApps?: NullableOption; /** - * The list of categories for the application. Supported values can be: Collaboration, Business Management, Consumer, - * Content management, CRM, Data services, Developer services, E-commerce, Education, ERP, Finance, Health, Human - * resources, IT infrastructure, Mail, Management, Marketing, Media, Productivity, Project management, Telecommunications, - * Tools, Travel, and Web design & hosting. + * To disable the use of the MSOnline PowerShell module set this property to true. This also disables user-based access to + * the legacy service endpoint used by the MSOnline PowerShell module. This doesn't affect Microsoft Entra Connect or + * Microsoft Graph. */ - categories?: NullableOption; - // A description of the application. - description?: NullableOption; - // The name of the application. - displayName?: NullableOption; - // The home page URL of the application. - homePageUrl?: NullableOption; - informationalUrls?: NullableOption; - // The URL to get the logo for this application. - logoUrl?: NullableOption; - // The name of the publisher for this application. - publisher?: NullableOption; - supportedClaimConfiguration?: NullableOption; - // The list of provisioning modes supported by this application. The only valid value is sync. - supportedProvisioningTypes?: NullableOption; + blockMsolPowerShell?: NullableOption; + // Specifies certain customizable permissions for default user role. + defaultUserRolePermissions?: DefaultUserRolePermissions; + // List of features enabled for private preview on the tenant. + enabledPreviewFeatures?: NullableOption; /** - * The list of single sign-on modes supported by this application. The supported values are oidc, password, saml, and - * notSupported. + * Represents role templateId for the role that should be granted to guests. Refer to List unifiedRoleDefinitions to find + * the list of available role templates. Currently following roles are supported: User + * (a0b1b346-4d3e-4e8b-98f8-753987be4970), Guest User (10dae51f-b6af-4016-8d66-8c2a99b929b3), and Restricted Guest User + * (2af84b1e-32c8-42b7-82bc-daa82404023b). */ - supportedSingleSignOnModes?: NullableOption; -} -// tslint:disable-next-line: no-empty-interface -export interface ClaimsMappingPolicy extends StsPolicy {} -export interface DelegatedPermissionClassification extends Entity { - // The classification value being given. Possible value: low. Doesn't support $filter. - classification?: NullableOption; + guestUserRoleId?: NullableOption; /** - * The unique identifier (id) for the delegated permission listed in the publishedPermissionScopes collection of the - * servicePrincipal. Required on create. Doesn't support $filter. + * Indicates if user consent to apps is allowed, and if it is, which app consent policy (permissionGrantPolicy) governs + * the permission for users to grant consent. Values should be in the format managePermissionGrantsForSelf.{id}, where + * {id} is the id of a built-in or custom app consent policy. An empty list indicates user consent to apps is disabled. */ - permissionId?: NullableOption; + permissionGrantPolicyIdsAssignedToDefaultUserRole?: NullableOption; + defaultUserRoleOverrides?: NullableOption; +} +export interface AuthorizationSystem extends Entity { /** - * The claim value (value) for the delegated permission listed in the publishedPermissionScopes collection of the - * servicePrincipal. Doesn't support $filter. + * ID of the authorization system retrieved from the customer cloud environment. Supports $filter(eq, contains) and + * $orderBy. */ - permissionName?: NullableOption; -} -export interface RemoteDesktopSecurityConfiguration extends Entity { - // Determines if Microsoft Entra ID RDS authentication protocol for RDP is enabled. - isRemoteDesktopProtocolEnabled?: boolean; + authorizationSystemId?: string; + // Name of the authorization system detected after onboarding. Supports $filter(eq,contains) and $orderBy. + authorizationSystemName?: string; + // The type of authorization system. Can be gcp, azure, or aws. Supports $filter(eq). + authorizationSystemType?: string; /** - * The collection of target device groups that are associated with the RDS security configuration that will be enabled for - * SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. + * Defines how and whether Permissions Management collects data from the onboarded authorization system. Supports $filter + * (eq) as follows: $filter=dataCollectionInfo/entitlements/permissionsModificationCapability and + * $filter=dataCollectionInfo/entitlements/status. */ - targetDeviceGroups?: NullableOption; + dataCollectionInfo?: NullableOption; } -export interface SolutionsRoot { - businessScenarios?: NullableOption; - virtualEvents?: NullableOption; +export interface AuthorizationSystemIdentity extends Entity { + // The name of the identity. Read-only. Supports $filter and (eq,contains). + displayName?: NullableOption; + // Unique ID of the identity within the external system. Read-only. + externalId?: string; + // Represents details of the source of the identity. + source?: NullableOption; + // Navigation to the authorizationSystem object + authorizationSystem?: NullableOption; } -export interface BusinessScenario extends Entity { - // The identity of the user who created the scenario. - createdBy?: NullableOption; - /** - * The date and time when the scenario was created. The Timestamp type represents date and time information using ISO 8601 - * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. - */ - createdDateTime?: string; - // Display name of the scenario. +export interface AuthorizationSystemResource extends Entity { + // The name of the resource. Read-only. Supports $filter (eq,contains). displayName?: NullableOption; - // The identity of the user who last modified the scenario. - lastModifiedBy?: NullableOption; + // The ID of the resource as defined by the authorization system provider. Read-only. Supports $filter (eq). + externalId?: string; + // The type of the resource. Read-only. Supports $filter (eq). + resourceType?: NullableOption; + // The authorization system that the resource exists in. + authorizationSystem?: NullableOption; +} +export interface AuthorizationSystemTypeAction extends Entity { /** - * The date and time when the scenario was last modified. The Timestamp type represents date and time information using - * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * The type of action allowed in the authorization system's service. The possible values are: delete, read, + * unknownFutureValue. Supports $filter and (eq). */ - lastModifiedDateTime?: string; - // Identifiers of applications that are authorized to work with this scenario. - ownerAppIds?: NullableOption; + actionType?: NullableOption; + // The display name of an action. Read-only. Supports $filter and (eq). + externalId?: string; + // The resource types in the authorization system's service where the action can be performed. Supports $filter and (eq). + resourceTypes?: NullableOption; /** - * Unique name of the scenario. To avoid conflicts, the recommended value for the unique name is a reverse domain name - * format, owned by the author of the scenario. For example, a scenario authored by Contoso.com would have a unique name - * that starts with com.contoso. + * The severity of the action in the authorization systems' service. The possible values are: normal, high, + * unknownFutureValue. */ - uniqueName?: NullableOption; - // Planner content related to the scenario. - planner?: NullableOption; + severity?: AuthorizationSystemActionSeverity; } -export interface VirtualEventsRoot extends Entity { - events?: NullableOption; - townhalls?: NullableOption; - webinars?: NullableOption; +export interface AuthorizationSystemTypeService extends Entity { + // List of actions for the service in an authorization system that is onboarded to Permissions Management. + actions?: NullableOption; } -export interface AuthenticationCombinationConfiguration extends Entity { +export interface AwsAccessKey extends AwsIdentity { + // Represents the owner of the access key. + owner?: NullableOption; +} +export interface AwsAuthorizationSystem extends AuthorizationSystem { + // Identities in the authorization system. + associatedIdentities?: NullableOption; + // List of actions for service in authorization system. + actions?: NullableOption; + // Policies associated with the AWS authorization system type. + policies?: NullableOption; + // Resources associated with the authorization system type. + resources?: NullableOption; + // Services associated with the authorization system type. + services?: NullableOption; +} +export interface AwsAuthorizationSystemResource extends AuthorizationSystemResource { + // The service associated with the resource in an AWS authorization system. This is auto-expanded. + service?: NullableOption; +} +export interface AwsAuthorizationSystemTypeAction extends AuthorizationSystemTypeAction { + // The service associated with the action in an AWS authorization system. This object autoexpanded. Supports $filter (eq). + service?: AuthorizationSystemTypeService; +} +export interface AwsEc2Instance extends AwsIdentity { + // Represents the resources in an authorization system. + resource?: NullableOption; +} +export interface AwsExternalSystemAccessFinding extends Finding { /** - * Which authentication method combinations this configuration applies to. Must be an allowedCombinations object that's - * defined for the authenticationStrengthPolicy. The only possible value for fido2combinationConfigurations is 'fido2'. + * Specifies if the system can be accessed directly, via role chaining, or both. The possible values are: direct, + * roleChaining, unknownFutureValue. Supports $filter (eq). */ - appliesToCombinations?: AuthenticationMethodModes[]; -} -export interface AuthenticationMethodConfiguration extends Entity { - // Groups of users that are excluded from a policy. - excludeTargets?: NullableOption; - // The state of the policy. Possible values are: enabled, disabled. - state?: NullableOption; + accessMethods?: ExternalSystemAccessMethods; + systemWithAccess?: AuthorizationSystemInfo; + // The number of identities in the external system that are trusted, if not all. Supports $orderby. + trustedIdentityCount?: NullableOption; + // Flag that determines if all identities in the external system are trusted, or only a subset. + trustsAllIdentities?: boolean; + /** + * The system that can be accessed from an external system. Supports $orderby (affectedSystem/authorizationSystemName) and + * $filter as follows: $filter=affectedSystem/authorizationSystemId IN ['authorizationSystemIds'] + */ + affectedSystem?: AuthorizationSystem; } -export interface AuthenticationMethodModeDetail extends Entity { +export interface AwsExternalSystemAccessRoleFinding extends Finding { + // The IDs of the accounts that this role is able to access. + accessibleSystemIds?: NullableOption; /** - * The authentication method that this mode modifies. The possible values are: password, voice, hardwareOath, - * softwareOath, sms, fido2, windowsHelloForBusiness, microsoftAuthenticator, temporaryAccessPass, email, x509Certificate, - * federation, unknownFutureValue. + * A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, + * 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the + * current score for the identity. Supports $filter (gt) and $orderby. */ - authenticationMethod?: BaseAuthenticationMethod; - // The display name of this mode - displayName?: string; + permissionsCreepIndex?: PermissionsCreepIndex; + /** + * The role that has access to external accounts. Supports $orderby (for role/displayName) and $filter as follows: + * $filter=role/authorizationSystem/authorizationSystemId IN ['authorizationSystemIds'] and + * $filter=role/authorizationSystem/authorizationSystemName eq 'authsystemname'. Autoexpanded by default. + */ + role?: AwsRole; } -export interface AuthenticationMethodsPolicy extends Entity { - // A description of the policy. - description?: NullableOption; - // The name of the policy. - displayName?: NullableOption; - // The date and time of the last update to the policy. - lastModifiedDateTime?: NullableOption; +// tslint:disable-next-line: no-empty-interface +export interface AwsGroup extends AwsIdentity {} +// tslint:disable-next-line: no-empty-interface +export interface AwsIdentity extends AuthorizationSystemIdentity {} +export interface AwsIdentityAccessManagementKeyAgeFinding extends Finding { /** - * The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service - * password reset (SSPR) policies. The possible values are: premigration - means the authentication methods policy is used - * for authentication only, legacy policies are respected. migrationInProgress - means the authentication methods policy - * is used for both authentication and SSPR, legacy policies are respected. migrationComplete - means the authentication - * methods policy is used for authentication and SSPR, legacy policies are ignored. unknownFutureValue - Evolvable - * enumeration sentinel value. Don't use. + * Contains information on authorization system actions granted to an identity and actions executed by this identity in + * the last 90 days. This property and its values are a snapshot as of when the finding was created and may not reflect + * the current values for the identity */ - policyMigrationState?: NullableOption; - // The version of the policy in use. - policyVersion?: NullableOption; - // Days before the user will be asked to reconfirm their method. - reconfirmationInDays?: NullableOption; + actionSummary?: ActionSummary; + awsAccessKeyDetails?: NullableOption; + /** + * A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, + * 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the + * current score for the identity. Supports $filter (gt) and $orderby. + */ + permissionsCreepIndex?: PermissionsCreepIndex; + // Status of the Iam Access Key. The possible values are: active, inactive, disabled, unknownFutureValue. + status?: IamStatus; /** - * Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication - * methods. + * Represents the Aws access key in an authorization system. Note, because of a limit in our current data model, we do not + * have all of the standard identity information for the access key's owner. */ - registrationEnforcement?: NullableOption; + accessKey?: AwsAccessKey; +} +export interface AwsIdentityAccessManagementKeyUsageFinding extends Finding { /** - * Enable users to report unexpected voice call or phone app notification multi-factor authentication prompts as - * suspicious. + * Contains information on authorization system actions granted to an identity and actions executed by this identity in + * the last 90 days. This property and its values are a snapshot as of when the finding was created and may not reflect + * the current values for the identity. */ - reportSuspiciousActivitySettings?: NullableOption; - // Prompt users with their most-preferred credential for multifactor authentication. - systemCredentialPreferences?: NullableOption; + actionSummary?: ActionSummary; + awsAccessKeyDetails?: NullableOption; /** - * Represents the settings for each authentication method. Automatically expanded on GET - * /policies/authenticationMethodsPolicy. + * A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, + * 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the + * current score for the identity. Supports $filter (gt) and $orderby. */ - authenticationMethodConfigurations?: NullableOption; -} -export interface AuthenticationMethodTarget extends Entity { - // Determines if the user is enforced to register the authentication method. - isRegistrationRequired?: boolean; + permissionsCreepIndex?: PermissionsCreepIndex; + // Status of the IAM Access Key. The possible values are: active, inactive, disabled, unknownFutureValue. + status?: IamStatus; /** - * Possible values are: group, and unknownFutureValue. From December 2022, targeting individual users using user is no - * longer recommended. Existing targets remain but we recommend moving the individual users to a targeted group. + * Represents the AWS Access Key in an authorization system. All the standard identity information for the access key's + * owner is currently unavailable. */ - targetType?: AuthenticationMethodTargetType; + accessKey?: AwsAccessKey; } -export interface AuthenticationStrengthPolicy extends Entity { - // A collection of authentication method modes that are required be used to satify this authentication strength. - allowedCombinations?: AuthenticationMethodModes[]; - // The datetime when this policy was created. - createdDateTime?: string; - // The human-readable description of this policy. - description?: NullableOption; - // The human-readable display name of this policy. Supports $filter (eq, ne, not , and in). - displayName?: string; - // The datetime when this policy was last modified. - modifiedDateTime?: string; +export interface AwsLambda extends AwsIdentity { + // Represents the resources in an authorization system.. + resource?: NullableOption; +} +export interface AwsPolicy extends Entity { /** - * A descriptor of whether this policy is built into Microsoft Entra Conditional Access or created by an admin for the - * tenant. The possible values are: builtIn, custom, unknownFutureValue. Supports $filter (eq, ne, not , and in). + * The type of the AWS policy. The possible values are: system, custom, unknownFutureValue. Read-only. Supports $filter + * and (eq). */ - policyType?: AuthenticationStrengthPolicyType; + awsPolicyType?: AwsPolicyType; + // The display name for the AWS policy. Read-only. Supports $filter and (eq,contains). + displayName?: string; + // The base64 encoded identifier for the AWS policy as defined by AWS. Read-only. Alternate key. Supports $filter and eq. + externalId?: string; +} +export interface AwsRole extends AwsIdentity { + // Indicates whether role is a system or custom role. Supports $filter (eq). + roleType?: AwsRoleType; + // Types of role trusts. The possible values are: none, service, sso, crossAccount, webIdentity, unknownFutureValue. + trustEntityType?: AwsRoleTrustEntityType; +} +export interface AwsSecretInformationAccessFinding extends Finding { + identityDetails?: NullableOption; /** - * A descriptor of whether this authentication strength grants the MFA claim upon successful satisfaction. The possible - * values are: none, mfa, unknownFutureValue. + * A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, + * 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the + * current score for the identity. Supports $filter (gt) and $orderby. */ - requirementsSatisfied?: AuthenticationStrengthRequirements; + permissionsCreepIndex?: PermissionsCreepIndex; /** - * Settings that may be used to require specific types or instances of an authentication method to be used when - * authenticating with a specified combination of authentication methods. + * AWS secret stores which can be accessed by the user, role, resource or serverless function.The possible values are: + * secretsManager, certificateAuthority, cloudHsm, certificateManager, unknownFutureValue. Supports $filter (has). */ - combinationConfigurations?: NullableOption; -} -export interface AuthenticationStrengthRoot extends Entity { - // A collection of all valid authentication method combinations in the system. - authenticationCombinations?: AuthenticationMethodModes[]; - combinations?: AuthenticationMethodModes[]; - // Names and descriptions of all valid authentication method modes in the system. - authenticationMethodModes?: NullableOption; + secretInformationWebServices?: AwsSecretInformationWebServices; /** - * A collection of authentication strength policies that exist for this tenant, including both built-in and custom - * policies. + * Represents an identity in an authorization system onboarded to Permissions Management. Inherited from identityFinding. + * Autoexpanded by default. Supports $filter as follows: $filter=identity/authorizationSystem/authorizationSystemId IN + * ('id1', 'id2'). */ - policies?: NullableOption; + identity?: AuthorizationSystemIdentity; } -export interface ConditionalAccessRoot extends Entity { +export interface AwsSecurityToolAdministrationFinding extends Finding { + identityDetails?: NullableOption; /** - * Defines the authentication strength policies, valid authentication method combinations, and authentication method mode - * details that can be required by a conditional access policy. + * A score for an identity's excessive permissions that is classified into three buckets: 0-33: low, 34-66: medium, + * 67-100: high. This property and its values are a snapshot as of when the finding was created and might not reflect the + * current score for the identity. Supports $filter (gt) and $orderby. */ - authenticationStrength?: NullableOption; - authenticationStrengths?: NullableOption; - // Read-only. Nullable. Returns a collection of the specified authentication context class references. - authenticationContextClassReferences?: NullableOption; - // Read-only. Nullable. Returns a collection of the specified named locations. - namedLocations?: NullableOption; - // Read-only. Nullable. Returns a collection of the specified Conditional Access policies. - policies?: NullableOption; - // Read-only. Nullable. Returns a collection of the specified Conditional Access templates. - templates?: NullableOption; -} -export interface AuthenticationContextClassReference extends Entity { + permissionsCreepIndex?: PermissionsCreepIndex; /** - * A short explanation of the policies that are enforced by authenticationContextClassReference. This value should be used - * to provide secondary text to describe the authentication context class reference when building user facing admin - * experiences. For example, selection UX. + * AWS security tools which can be administered by the user, role, resource or serverless function.The possible values + * are: macie, wafShield, cloudTrail, inspector, securityHub, detective, guardDuty, unknownFutureValue. Supports $filter + * (has). */ - description?: NullableOption; + securityTools?: AwsSecurityToolWebServices; /** - * A friendly name that identifies the authenticationContextClassReference object when building user-facing admin - * experiences. For example, a selection UX. + * Represents an identity in an authorization system onboarded to Permissions Management. Inherited from identityFinding. + * Autoexpanded by default. Supports $filter as follows: $filter=identity/authorizationSystem/authorizationSystemId IN + * ['authorizationSystemIds']. */ - displayName?: NullableOption; + identity?: AuthorizationSystemIdentity; +} +export interface AwsStatement { + // The AWS actions. + actions?: string[]; + // The AWS conditions associated with the statement. + condition?: NullableOption; + // The AWS action effect, whether to allow or deny. The possible values are: allow, deny, unknownFutureValue. + effect?: AwsStatementEffect; + // AWS Not Actions + notActions?: string[]; + // AWS Not Resources + notResources?: string[]; + // The AWS resources associated with the statement. + resources?: string[]; + // The ID of the AWS statement. + statementId?: string; +} +export interface AwsUser extends AwsIdentity { + // Roles assumed by the user. + assumableRoles?: NullableOption; +} +export interface AzureADAuthentication extends Entity { + // A list of monthly serviceLevelAgreementAttainment objects. + attainments?: ServiceLevelAgreementAttainment[]; +} +// tslint:disable-next-line: no-empty-interface +export interface AzureADWindowsAutopilotDeploymentProfile extends WindowsAutopilotDeploymentProfile {} +export interface AzureAuthorizationSystem extends AuthorizationSystem { + // Identities in the authorization system. + associatedIdentities?: NullableOption; + // List of actions for service in authorization system. + actions?: NullableOption; + // Resources associated with the authorization system type. + resources?: NullableOption; + // Roles associated with the authorization system type. + roleDefinitions?: NullableOption; + // Services associated with the authorization system type. + services?: NullableOption; +} +export interface AzureAuthorizationSystemResource extends AuthorizationSystemResource { + // The service associated with the resource in an Azure authorization system. This object is auto-expanded. + service?: NullableOption; +} +export interface AzureAuthorizationSystemTypeAction extends AuthorizationSystemTypeAction { /** - * Indicates whether the authenticationContextClassReference has been published by the security admin and is ready for use - * by apps. When it's set to false, it shouldn't be shown in selection UX used to tag resources with authentication - * context class values. It will still be shown in the Conditional Access policy authoring experience. Supports $filter + * The service associated with the action in an Azure authorization system. This object is autoexpanded. Supports $filter * (eq). */ - isAvailable?: NullableOption; + service?: AuthorizationSystemTypeService; } -export interface NamedLocation extends Entity { +export interface AzureCommunicationServicesUserConversationMember extends ConversationMember { + // Azure Communication Services ID of the user. + azureCommunicationServicesId?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface AzureGroup extends AzureIdentity {} +// tslint:disable-next-line: no-empty-interface +export interface AzureIdentity extends AuthorizationSystemIdentity {} +// tslint:disable-next-line: no-empty-interface +export interface AzureManagedIdentity extends AzureIdentity {} +export interface AzureRoleDefinition extends Entity { /** - * The Timestamp type represents creation date and time of the location using ISO 8601 format and is always in UTC time. - * For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + * Scopes at which the Azure role can be assigned. For more information about common patterns, see Understand Azure role + * definitions: AssignableScopes. Supports $filter (eq). */ - createdDateTime?: NullableOption; - // Human-readable name of the location. + assignableScopes?: string[]; + // Type of Azure role. The possible values are: system, custom, unknownFutureValue. Supports $filter (eq). + azureRoleDefinitionType?: AzureRoleDefinitionType; + // Name of the Azure role. Supports $filter (eq, contains). displayName?: string; + // Identifier of an Azure role defined by Microsoft Azure. Alternate key. Supports $filter (eq). + externalId?: string; +} +export interface AzureServerlessFunction extends AzureIdentity { + // Represents the resources in an authorization system. + resource?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface AzureServicePrincipal extends AzureIdentity {} +// tslint:disable-next-line: no-empty-interface +export interface AzureUser extends AzureIdentity {} +export interface B2cAuthenticationMethodsPolicy extends Entity { + // The tenant admin can configure local accounts using email if the email and password authentication method is enabled. + isEmailPasswordAuthenticationEnabled?: boolean; /** - * The Timestamp type represents last modified date and time of the location using ISO 8601 format and is always in UTC - * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + * The tenant admin can configure local accounts using phone number if the phone number and one-time password + * authentication method is enabled. */ - modifiedDateTime?: NullableOption; -} -export interface ConditionalAccessPolicy extends Entity { - // Specifies the rules that must be met for the policy to apply. Required. - conditions?: ConditionalAccessConditionSet; + isPhoneOneTimePasswordAuthenticationEnabled?: boolean; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. + * The tenant admin can configure local accounts using username if the username and password authentication method is + * enabled. */ - createdDateTime?: NullableOption; - // Not used. - description?: NullableOption; - // Specifies a display name for the conditionalAccessPolicy object. - displayName?: string; - // Specifies the grant controls that must be fulfilled to pass the policy. - grantControls?: NullableOption; + isUserNameAuthenticationEnabled?: boolean; +} +export interface B2cIdentityUserFlow extends IdentityUserFlow { /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. + * Configuration for enabling an API connector for use as part of the user flow. You can only obtain the value of this + * object using Get userFlowApiConnectorConfiguration. */ - modifiedDateTime?: NullableOption; - // Specifies the session controls that are enforced after sign-in. - sessionControls?: NullableOption; + apiConnectorConfiguration?: NullableOption; /** - * Specifies the state of the conditionalAccessPolicy object. Possible values are: enabled, disabled, - * enabledForReportingButNotEnforced. Required. + * Indicates the default language of the b2cIdentityUserFlow that is used when no ui_locale tag is specified in the + * request. This field is RFC 5646 compliant. */ - state?: ConditionalAccessPolicyState; -} -export interface ConditionalAccessTemplate extends Entity { - // The user-friendly name of the template. - description?: string; + defaultLanguageTag?: NullableOption; /** - * Complete list of policy details specific to the template. This property contains the JSON of policy settings for - * configuring a Conditional Access policy. + * The property that determines whether language customization is enabled within the B2C user flow. Language customization + * is not enabled by default for B2C user flows. */ - details?: ConditionalAccessPolicyDetail; - // The user-friendly name of the template. - name?: string; + isLanguageCustomizationEnabled?: boolean; + identityProviders?: NullableOption; /** - * List of conditional access scenarios that the template is recommended for. The possible values are: new, - * secureFoundation, zeroTrust, remoteWork, protectAdmins, emergingThreats, unknownFutureValue. This is a multi-valued - * enum. Supports $filter (has). + * The languages supported for customization within the user flow. Language customization is not enabled by default in B2C + * user flows. */ - scenarios?: TemplateScenarios; + languages?: NullableOption; + // The user attribute assignments included in the user flow. + userAttributeAssignments?: NullableOption; + userFlowIdentityProviders?: NullableOption; } -export interface EmailAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { +export interface B2xIdentityUserFlow extends IdentityUserFlow { /** - * Determines whether email OTP is usable by external users for authentication. Possible values are: default, enabled, - * disabled, unknownFutureValue. Tenants in the default state who didn't use public preview will automatically have email - * OTP enabled beginning in October 2021. + * Configuration for enabling an API connector for use as part of the self-service sign-up user flow. You can only obtain + * the value of this object using Get userFlowApiConnectorConfiguration. */ - allowExternalIdToUseEmailOtp?: NullableOption; - // A collection of groups that are enabled to use the authentication method. - includeTargets?: NullableOption; + apiConnectorConfiguration?: NullableOption; + identityProviders?: NullableOption; + /** + * The languages supported for customization within the user flow. Language customization is enabled by default in + * self-service sign-up user flow. You can't create custom languages in self-service sign-up user flows. + */ + languages?: NullableOption; + // The user attribute assignments included in the user flow. + userAttributeAssignments?: NullableOption; + userFlowIdentityProviders?: NullableOption; } -export interface Fido2AuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { - // Determines whether attestation must be enforced for FIDO2 security key registration. - isAttestationEnforced?: NullableOption; - // Determines if users can register new FIDO2 security keys. - isSelfServiceRegistrationAllowed?: NullableOption; +export interface BaseItem extends Entity { + // Identity of the user, device, or application that created the item. Read-only. + createdBy?: NullableOption; + // Date and time of item creation. Read-only. + createdDateTime?: string; + description?: NullableOption; + // ETag for the item. Read-only. + eTag?: NullableOption; + // Identity of the user, device, and application that last modified the item. Read-only. + lastModifiedBy?: NullableOption; + // Date and time the item was last modified. Read-only. + lastModifiedDateTime?: string; + // The name of the item. Read-write. + name?: NullableOption; + // Parent information, if the item has a parent. Read-write. + parentReference?: NullableOption; /** - * Controls whether key restrictions are enforced on FIDO2 security keys, either allowing or disallowing certain key types - * as defined by Authenticator Attestation GUID (AAGUID), an identifier that indicates the type (e.g. make and model) of - * the authenticator. + * URL that either displays the resource in the browser (for Office file formats), or is a direct link to the file (for + * other formats). Read-only. */ - keyRestrictions?: NullableOption; + webUrl?: NullableOption; + createdByUser?: NullableOption; + lastModifiedByUser?: NullableOption; } -export interface Fido2CombinationConfiguration extends AuthenticationCombinationConfiguration { - // A list of AAGUIDs allowed to be used as part of the specified authentication method combinations. - allowedAAGUIDs?: string[]; +export interface BaseItemVersion extends Entity { + // Identity of the user that last modified the version. Read-only. + lastModifiedBy?: NullableOption; + // Date and time when the version was last modified. Read-only. + lastModifiedDateTime?: NullableOption; + // Indicates the publication status of this particular version. Read-only. + publication?: NullableOption; } -export interface HardwareOathAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { - // A collection of groups that are enabled to use the authentication method. Expanded by default. - includeTargets?: NullableOption; +export interface BaseSitePage extends BaseItem { + // The name of the page layout of the page. The possible values are: microsoftReserved, article, home, unknownFutureValue. + pageLayout?: NullableOption; + // The publishing status and the MM.mm version of the page. + publishingState?: NullableOption; + // Title of the sitePage. + title?: NullableOption; } -export interface MicrosoftAuthenticatorAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { +export interface Bitlocker extends Entity { + // The recovery keys associated with the bitlocker entity. + recoveryKeys?: NullableOption; +} +export interface BitlockerRecoveryKey extends Entity { + // The date and time when the key was originally backed up to Microsoft Entra ID. + createdDateTime?: string; + // ID of the device the BitLocker key is originally backed up from. + deviceId?: NullableOption; + // The BitLocker recovery key. + key?: string; /** - * A collection of Microsoft Authenticator settings such as number matching and location context, and whether they are - * enabled for all users or specific users only. + * Indicates the type of volume the BitLocker key is associated with. Possible values are: operatingSystemVolume, + * fixedDataVolume, removableDataVolume, unknownFutureValue. */ - featureSettings?: NullableOption; - // true if users can use the OTP code generated by the Microsoft Authenticator app, false otherwise. - isSoftwareOathEnabled?: NullableOption; - // A collection of groups that are enabled to use the authentication method. Expanded by default. - includeTargets?: NullableOption; + volumeType?: NullableOption; } -export interface MicrosoftAuthenticatorAuthenticationMethodTarget extends AuthenticationMethodTarget { +export interface BookingAppointment extends Entity { + // Additional information that is sent to the customer when an appointment is confirmed. + additionalInformation?: NullableOption; + // The URL of the meeting to join anonymously. + anonymousJoinWebUrl?: NullableOption; + // The user can stamp a custom label on the appointment. + appointmentLabel?: NullableOption; + // The date, time, and timezone when the appointment was created. + createdDateTime?: NullableOption; + // The SMTP address of the bookingCustomer who is booking the appointment. + customerEmailAddress?: NullableOption; /** - * Determines which types of notifications can be used for sign-in. The possible values are: deviceBasedPush (passwordless - * only), push, and any. + * If CustomerId is not specified when an appointment is created then a new customer is created based on the appointment + * customer information. Once set, the customerId should be considered immutable. */ - authenticationMode?: MicrosoftAuthenticatorAuthenticationMode; -} -export interface PolicyRoot { + customerId?: NullableOption; + // Represents location information for the bookingCustomer who is booking the appointment. + customerLocation?: NullableOption; + // The customer's name. + customerName?: NullableOption; /** - * The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication - * (MFA) in Microsoft Entra ID. + * The value of this property is only available when reading an individual booking appointment by id. Its value can only + * be set when creating a new appointment with a new customer, ie, without specifying a CustomerId. After that, the + * property is computed from the customer represented by CustomerId. */ - authenticationMethodsPolicy?: NullableOption; - // The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access. - authenticationStrengthPolicies?: NullableOption; - // The policy configuration of the self-service sign-up experience of guests. - authenticationFlowsPolicy?: NullableOption; - // The Azure AD B2C policies that define how end users register via local accounts. - b2cAuthenticationMethodsPolicy?: NullableOption; - deviceRegistrationPolicy?: NullableOption; - // The policy that controls the idle time-out for web sessions for applications. - activityBasedTimeoutPolicies?: NullableOption; + customerNotes?: NullableOption; + // The customer's phone number. + customerPhone?: NullableOption; /** - * The policies that enforce app management restrictions for specific applications and service principals, overriding the - * defaultAppManagementPolicy. + * A collection of the customer properties for an appointment. An appointment will contain a list of customer information + * and each unit will indicate the properties of a customer who is part of that appointment. Optional. */ - appManagementPolicies?: NullableOption; - // The policy that controls Microsoft Entra authorization settings. - authorizationPolicy?: NullableOption; + customers?: BookingCustomerInformationBase[]; + // The time zone of the customer. For a list of possible values, see dateTimeTimeZone. + customerTimeZone?: NullableOption; + // The length of the appointment, denoted in ISO8601 format. + duration?: string; + // The date, time, and time zone that the appointment ends. + end?: DateTimeTimeZone; + // The current number of customers in the appointment. + filledAttendeesCount?: number; + // The billed amount on the invoice. + invoiceAmount?: number; + // The date, time, and time zone of the invoice for this appointment. + invoiceDate?: NullableOption; + // The ID of the invoice. + invoiceId?: NullableOption; + // The status of the invoice. Possible values are: draft, reviewing, open, canceled, paid, corrective. + invoiceStatus?: BookingInvoiceStatus; + // The URL of the invoice in Microsoft Bookings. + invoiceUrl?: NullableOption; + // Indicates that the customer can manage bookings created by the staff. The default value is false. + isCustomerAllowedToManageBooking?: NullableOption; + // Indicates that the appointment is held online. The default value is false. + isLocationOnline?: boolean; + // The URL of the online meeting for the appointment. + joinWebUrl?: NullableOption; + // The date, time and timezone when the booking business was last updated. + lastUpdatedDateTime?: NullableOption; /** - * The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific - * application. + * The maximum number of customers allowed in an appointment. If maximumAttendeesCount of the service is greater than 1, + * pass valid customer IDs while creating or updating an appointment. To create a customer, use the Create bookingCustomer + * operation. */ - claimsMappingPolicies?: NullableOption; - // The custom rules that define an access scenario when interacting with external Microsoft Entra tenants. - crossTenantAccessPolicy?: NullableOption; - // The tenant-wide policy that enforces app management restrictions for all applications and service principals. - defaultAppManagementPolicy?: NullableOption; + maximumAttendeesCount?: number; + onlineMeetingUrl?: NullableOption; /** - * Represents the tenant-wide policy that controls whether guests can leave a Microsoft Entra tenant via self-service - * controls. + * True indicates that the bookingCustomer for this appointment does not wish to receive a confirmation for this + * appointment. */ - externalIdentitiesPolicy?: NullableOption; - federatedTokenValidationPolicy?: NullableOption; - // The policy to control Microsoft Entra authentication behavior for federated users. - homeRealmDiscoveryPolicies?: NullableOption; - // The policy that specifies the conditions under which consent can be granted. - permissionGrantPolicies?: NullableOption; - servicePrincipalCreationPolicies?: NullableOption; - // The policy that specifies the characteristics of SAML tokens issued by Microsoft Entra ID. - tokenIssuancePolicies?: NullableOption; + optOutOfCustomerEmail?: boolean; /** - * The policy that controls the lifetime of a JWT access token, an ID token, or a SAML 1.1/2.0 token issued by Microsoft - * Entra ID. + * The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in + * ISO8601 format. */ - tokenLifetimePolicies?: NullableOption; - // The feature rollout policy associated with a directory object. - featureRolloutPolicies?: NullableOption; - // The policy that contains directory-level access review settings. - accessReviewPolicy?: NullableOption; - // The policy by which consent requests are created and managed for the entire tenant. - adminConsentRequestPolicy?: NullableOption; - directoryRoleAccessReviewPolicy?: NullableOption; - // The custom rules that define an access scenario. - conditionalAccessPolicies?: NullableOption; - // The policy that represents the security defaults that protect against common attacks. - identitySecurityDefaultsEnforcementPolicy?: NullableOption; - // The policy that defines autoenrollment configuration for a mobility management (MDM or MAM) application. - mobileAppManagementPolicies?: NullableOption; - mobileDeviceManagementPolicies?: NullableOption; - // Represents the role management policies. - roleManagementPolicies?: NullableOption; - // Represents the role management policy assignments. - roleManagementPolicyAssignments?: NullableOption; -} -export interface AuthenticationFlowsPolicy extends Entity { - // Inherited property. A description of the policy. This property isn't a key. Optional. Read-only. - description?: NullableOption; - // Inherited property. The human-readable name of the policy. This property isn't a key. Optional. Read-only. - displayName?: NullableOption; + postBuffer?: string; + /** + * The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in + * ISO8601 format. + */ + preBuffer?: string; + // The regular price for an appointment for the specified bookingService. + price?: number; + /** + * A setting to provide flexibility for the pricing structure of services. Possible values are: undefined, fixedPrice, + * startingAt, hourly, free, priceVaries, callUs, notSet, unknownFutureValue. + */ + priceType?: BookingPriceType; + // The value of this property is only available when reading an individual booking appointment by id. + reminders?: NullableOption; + /** + * Another tracking ID for the appointment, if the appointment was created directly by the customer on the scheduling + * page, as opposed to by a staff member on behalf of customer. + */ + selfServiceAppointmentId?: NullableOption; + // The ID of the bookingService associated with this appointment. + serviceId?: NullableOption; + // The location where the service is delivered. + serviceLocation?: NullableOption; /** - * Contains selfServiceSignUpAuthenticationFlowConfiguration settings that convey whether self-service sign-up is enabled - * or disabled. This property isn't a key. Optional. Read-only. + * This property is optional when creating a new appointment. If not specified, it is computed from the service associated + * with the appointment by the service id. */ - selfServiceSignUp?: NullableOption; + serviceName?: string; + // The value of this property is only available when reading an individual booking appointment by id. + serviceNotes?: NullableOption; + // True indicates SMS notifications will be sent to the customers for the appointment. Default value is false. + smsNotificationsEnabled?: boolean; + // The ID of each bookingStaffMember who is scheduled in this appointment. + staffMemberIds?: NullableOption; + // The date, time, and time zone that the appointment begins. + start?: DateTimeTimeZone; } -export interface B2cAuthenticationMethodsPolicy extends Entity { - // The tenant admin can configure local accounts using email if the email and password authentication method is enabled. - isEmailPasswordAuthenticationEnabled?: boolean; +export interface BookingBusiness extends BookingNamedEntity { /** - * The tenant admin can configure local accounts using phone number if the phone number and one-time password - * authentication method is enabled. + * The street address of the business. The address property, together with phone and webSiteUrl, appear in the footer of a + * business scheduling page. */ - isPhoneOneTimePasswordAuthenticationEnabled?: boolean; + address?: NullableOption; + // Settings for the published booking page. + bookingPageSettings?: NullableOption; + // The hours of operation for the business. + businessHours?: NullableOption; + // The type of business. + businessType?: NullableOption; + // The date, time and timezone when the booking business was created. + createdDateTime?: NullableOption; + // The code for the currency that the business operates in on Microsoft Bookings. + defaultCurrencyIso?: NullableOption; + // The email address for the business. + email?: NullableOption; /** - * The tenant admin can configure local accounts using username if the username and password authentication method is - * enabled. + * The scheduling page has been made available to external customers. Use the publish and unpublish actions to set this + * property. Read-only. */ - isUserNameAuthenticationEnabled?: boolean; -} -export interface DeviceRegistrationPolicy extends Entity { + isPublished?: NullableOption; + // The language of the self service booking page + languageTag?: NullableOption; + // The date, time and timezone when the booking business was last updated. + lastUpdatedDateTime?: NullableOption; /** - * Specifies the authorization policy for controlling registration of new devices using Microsoft Entra join within your - * organization. Required. For more information, see What is a device identity?. + * The telephone number for the business. The phone property, together with address and webSiteUrl, appear in the footer + * of a business scheduling page. */ - azureADJoin?: NullableOption; + phone?: NullableOption; + // The URL for the scheduling page, which is set after you publish or unpublish the page. Read-only. + publicUrl?: NullableOption; + // Specifies how bookings can be created for this business. + schedulingPolicy?: NullableOption; + // Example: https://www.contoso.com + webSiteUrl?: NullableOption; + // All the appointments of this business. Read-only. Nullable. + appointments?: NullableOption; + // The set of appointments of this business in a specified date range. Read-only. Nullable. + calendarView?: NullableOption; + // All the customers of this business. Read-only. Nullable. + customers?: NullableOption; + // All custom questions of this business. + customQuestions?: NullableOption; + // All the services offered by this business. Read-only. Nullable. + services?: NullableOption; + // All the staff members that provide services in this business. Read-only. Nullable. + staffMembers?: NullableOption; +} +export interface BookingCurrency extends Entity { + // The currency symbol. For example, the currency symbol for the US dollar and for the Australian dollar is $. + symbol?: string; +} +export interface BookingCustomer extends BookingPerson { + // Addresses associated with the customer, including home, business and other addresses. + addresses?: NullableOption; + // The date, time and timezone when the customer was created. + createdDateTime?: NullableOption; + // The date, time and timezone when the customer was last updated. + lastUpdatedDateTime?: NullableOption; + // Phone numbers associated with the customer, including home, business and mobile numbers. + phones?: NullableOption; +} +export interface BookingCustomQuestion extends Entity { + // The expected answer type. The possible values are: text, radioButton, unknownFutureValue. + answerInputType?: NullableOption; + // List of possible answer values. + answerOptions?: NullableOption; + // The date, time and timezone when the custom question was created. + createdDateTime?: NullableOption; + // The display name is suitable for human-readable interfaces. + displayName?: string; + // The date, time and timezone when the custom question was last updated. + lastUpdatedDateTime?: NullableOption; +} +export interface BookingNamedEntity extends Entity { + // The display name is suitable for human-readable interfaces. + displayName?: string; +} +export interface BookingPerson extends BookingNamedEntity { + // The email address of the person. + emailAddress?: NullableOption; +} +export interface BookingService extends BookingNamedEntity { + // Additional information that is sent to the customer when an appointment is confirmed. + additionalInformation?: NullableOption; + // The date, time and timezone when the Service was created. + createdDateTime?: NullableOption; + // Contains the set of custom questions associated with a particular service. + customQuestions?: NullableOption; /** - * Specifies the authorization policy for controlling registration of new devices using Microsoft Entra registered within - * your organization. Required. For more information, see What is a device identity?. + * The default length of the service, represented in numbers of days, hours, minutes, and seconds. For example, + * P11D23H59M59.999999999999S. */ - azureADRegistration?: NullableOption; + defaultDuration?: string; + // The default physical location for the service. + defaultLocation?: NullableOption; + // The default monetary price for the service. + defaultPrice?: number; /** - * The description of the device registration policy. It's always set to Tenant-wide policy that manages intial - * provisioning controls using quota restrictions, additional authentication and authorization checks. Read-only. + * The default way the service is charged. Possible values are: undefined, fixedPrice, startingAt, hourly, free, + * priceVaries, callUs, notSet, unknownFutureValue. */ + defaultPriceType?: BookingPriceType; + // The value of this property is only available when reading an individual booking service by id. + defaultReminders?: NullableOption; + // A text description for the service. description?: NullableOption; - // The name of the device registration policy. It's always set to Device Registration Policy. Read-only. - displayName?: NullableOption; - // Specifies the setting for Local Admin Password Solution (LAPS) within your organization. - localAdminPassword?: NullableOption; /** - * Specifies the authentication policy for a user to complete registration using Microsoft Entra join or Microsoft Entra - * registered within your organization. The possible values are: 0 (meaning notRequired), 1 (meaning required), and 2 - * (meaning unknownFutureValue). The default value is 0. + * Indicates if an anonymousJoinWebUrl(webrtcUrl) is generated for the appointment booked for this service. The default + * value is false. */ - multiFactorAuthConfiguration?: MultiFactorAuthConfiguration; + isAnonymousJoinEnabled?: boolean; + // Indicates that the customer can manage bookings created by the staff. The default value is false. + isCustomerAllowedToManageBooking?: NullableOption; + // True means this service isn't available to customers for booking. + isHiddenFromCustomers?: boolean; + // Indicates that the appointments for the service are held online. The default value is false. + isLocationOnline?: boolean; + // The language of the self service booking page. + languageTag?: string; + // The date, time and timezone when the Service was last updated. + lastUpdatedDateTime?: NullableOption; /** - * Specifies the maximum number of devices that a user can have within your organization before blocking new device - * registrations. The default value is set to 50. If this property isn't specified during the policy update operation, - * it's automatically reset to 0 to indicate that users aren't allowed to join any devices. + * The maximum number of customers allowed in a service. If maximumAttendeesCount of the service is greater than 1, pass + * valid customer IDs while creating or updating an appointment. To create a customer, use the Create bookingCustomer + * operation. */ - userDeviceQuota?: number; -} -// tslint:disable-next-line: no-empty-interface -export interface ActivityBasedTimeoutPolicy extends StsPolicy {} -export interface AuthorizationPolicy extends PolicyBase { - // Indicates whether users can sign up for email based subscriptions. - allowedToSignUpEmailBasedSubscriptions?: boolean; - // Indicates whether users can use the Self-Service Password Reset feature on the tenant. - allowedToUseSSPR?: boolean; - // Indicates whether a user can join the tenant by email validation. - allowEmailVerifiedUsersToJoinOrganization?: boolean; + maximumAttendeesCount?: number; + // Additional information about this service. + notes?: NullableOption; + // The time to buffer after an appointment for this service ends, and before the next customer appointment can be booked. + postBuffer?: string; + // The time to buffer before an appointment for this service can start. + preBuffer?: string; + // The set of policies that determine how appointments for this type of service should be created and managed. + schedulingPolicy?: NullableOption; /** - * Indicates who can invite guests to the organization. Possible values are: none, adminsAndGuestInviters, - * adminsGuestInvitersAndAllMembers, everyone. everyone is the default setting for all cloud environments except US - * Government. See more in the table below. + * True indicates SMS notifications can be sent to the customers for the appointment of the service. Default value is + * false. */ - allowInvitesFrom?: NullableOption; + smsNotificationsEnabled?: NullableOption; + // Represents those staff members who provide this service. + staffMemberIds?: NullableOption; + // The URL a customer uses to access the service. + webUrl?: NullableOption; +} +export interface BookingStaffMember extends BookingPerson { /** - * Indicates whether user consent for risky apps is allowed. Default value is false. We recommend that you keep the value - * set to false. + * True means that if the staff member is a Microsoft 365 user, the Bookings API would verify the staff member's + * availability in their personal calendar in Microsoft 365, before making a booking. */ - allowUserConsentForRiskyApps?: NullableOption; + availabilityIsAffectedByPersonalCalendar?: boolean; /** - * To disable the use of the MSOnline PowerShell module set this property to true. This will also disable user-based - * access to the legacy service endpoint used by the MSOnline PowerShell module. This doesn't affect Microsoft Entra - * Connect or Microsoft Graph. + * Identifies a color to represent the staff member. The color corresponds to the color palette in the Staff details page + * in the Bookings app. */ - blockMsolPowerShell?: NullableOption; - // Specifies certain customizable permissions for default user role. - defaultUserRolePermissions?: DefaultUserRolePermissions; - // List of features enabled for private preview on the tenant. - enabledPreviewFeatures?: NullableOption; + colorIndex?: NullableOption; + // The date, time and timezone when the staff member was created. + createdDateTime?: NullableOption; /** - * Represents role templateId for the role that should be granted to guests. Refer to List unifiedRoleDefinitions to find - * the list of available role templates. Currently following roles are supported: User - * (a0b1b346-4d3e-4e8b-98f8-753987be4970), Guest User (10dae51f-b6af-4016-8d66-8c2a99b929b3), and Restricted Guest User - * (2af84b1e-32c8-42b7-82bc-daa82404023b). + * Indicates that a staff members are notified via email when a booking assigned to them is created or changed. The + * default value is true */ - guestUserRoleId?: NullableOption; + isEmailNotificationEnabled?: boolean; + // The date, time and timezone when the staff member was last updated. + lastUpdatedDateTime?: NullableOption; + membershipStatus?: BookingStaffMembershipStatus; /** - * Indicates if user consent to apps is allowed, and if it is, which app consent policy (permissionGrantPolicy) governs - * the permission for users to grant consent. Values should be in the format managePermissionGrantsForSelf.{id}, where - * {id} is the id of a built-in or custom app consent policy. An empty list indicates user consent to apps is disabled. + * The role of the staff member in the business. Possible values are: guest, administrator, viewer, externalGuest, + * unknownFutureValue, scheduler, teamMember. You must use the Prefer: include-unknown-enum-members request header to get + * the following values from this evolvable enum: scheduler, teamMember. Required. */ - permissionGrantPolicyIdsAssignedToDefaultUserRole?: NullableOption; - defaultUserRoleOverrides?: NullableOption; -} -export interface TenantRelationshipAccessPolicyBase extends PolicyBase { - definition?: string[]; -} -export interface CrossTenantAccessPolicy extends TenantRelationshipAccessPolicyBase { + role?: BookingStaffRole; + // The time zone of the staff member. For a list of possible values, see dateTimeTimeZone. + timeZone?: NullableOption; /** - * Used to specify which Microsoft clouds an organization would like to collaborate with. By default, this value is empty. - * Supported values for this field are: microsoftonline.com, microsoftonline.us, and partner.microsoftonline.cn. + * True means the staff member's availability is as specified in the businessHours property of the business. False means + * the availability is determined by the staff member's workingHours property setting. */ - allowedCloudEndpoints?: string[]; - // Defines the default configuration for how your organization interacts with external Microsoft Entra organizations. - default?: NullableOption; - // Defines partner-specific configurations for external Microsoft Entra organizations. - partners?: NullableOption; - // Represents the base policy in the directory for multi-tenant organization settings. - templates?: NullableOption; -} -export interface TenantAppManagementPolicy extends PolicyBase { - // Restrictions that apply as default to all application objects in the tenant. - applicationRestrictions?: NullableOption; - // Denotes whether the policy is enabled. Default value is false. - isEnabled?: boolean; - // Restrictions that apply as default to all service principal objects in the tenant. - servicePrincipalRestrictions?: NullableOption; -} -export interface ExternalIdentitiesPolicy extends PolicyBase { - // Reserved for future use. - allowDeletedIdentitiesDataRemoval?: boolean; + useBusinessHours?: boolean; /** - * Defines whether external users can leave the guest tenant. If set to false, self-service controls are disabled, and the - * admin of the guest tenant must manually remove the external user from the guest tenant. When the external user leaves - * the tenant, their data in the guest tenant is first soft-deleted then permanently deleted in 30 days. + * The range of hours each day of the week that the staff member is available for booking. By default, they're initialized + * to be the same as the businessHours property of the business. */ - allowExternalIdentitiesToLeave?: boolean; -} -export interface FederatedTokenValidationPolicy extends DirectoryObject { - validatingDomains?: ValidatingDomains; -} -export interface PermissionGrantPolicy extends PolicyBase { - // Condition sets that are excluded in this permission grant policy. Automatically expanded on GET. - excludes?: NullableOption; - // Condition sets that are included in this permission grant policy. Automatically expanded on GET. - includes?: NullableOption; -} -export interface ServicePrincipalCreationPolicy extends PolicyBase { - isBuiltIn?: NullableOption; - excludes?: NullableOption; - includes?: NullableOption; -} -export interface AccessReviewPolicy extends Entity { - // Description for this policy. Read-only. - description?: NullableOption; - // Display name for this policy. Read-only. - displayName?: string; - // If true, group owners can create and manage access reviews on groups they own. - isGroupOwnerManagementEnabled?: boolean; -} -export interface AdminConsentRequestPolicy extends Entity { - // Specifies whether the admin consent request feature is enabled or disabled. Required. - isEnabled?: boolean; - // Specifies whether reviewers will receive notifications. Required. - notifyReviewers?: boolean; - // Specifies whether reviewers will receive reminder emails. Required. - remindersEnabled?: boolean; - // Specifies the duration the request is active before it automatically expires if no decision is applied. - requestDurationInDays?: number; - // Required. - reviewers?: NullableOption; - // Specifies the version of this policy. When the policy is updated, this version is updated. Read-only. - version?: number; -} -export interface DirectoryRoleAccessReviewPolicy extends Entity { - settings?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface IdentitySecurityDefaultsEnforcementPolicy extends PolicyBase { - // If set to true, Microsoft Entra security defaults are enabled for the tenant. - isEnabled?: boolean; -} -export interface MobilityManagementPolicy extends Entity { - // Indicates the user scope of the mobility management policy. Possible values are: none, all, selected. - appliesTo?: NullableOption; - // Compliance URL of the mobility management application. - complianceUrl?: NullableOption; - // Description of the mobility management application. - description?: NullableOption; - // Discovery URL of the mobility management application. - discoveryUrl?: NullableOption; - // Display name of the mobility management application. - displayName?: NullableOption; - // Whether policy is valid. Invalid policies may not be updated and should be deleted. - isValid?: NullableOption; - // Terms of Use URL of the mobility management application. - termsOfUseUrl?: NullableOption; - // Microsoft Entra groups under the scope of the mobility management application if appliesTo is selected - includedGroups?: NullableOption; + workingHours?: NullableOption; } -export interface UnifiedRoleManagementPolicy extends Entity { - // Description for the policy. - description?: string; - // Display name for the policy. +export interface BrowserSharedCookie extends Entity { + // The comment for the shared cookie. + comment?: string; + // The date and time when the shared cookie was created. + createdDateTime?: string; + // The date and time when the shared cookie was deleted. + deletedDateTime?: NullableOption; + // The name of the cookie. displayName?: string; + // The history of modifications applied to the cookie. + history?: BrowserSharedCookieHistory[]; + // Controls whether a cookie is a host-only or domain cookie. + hostOnly?: boolean; + // The URL of the cookie. + hostOrDomain?: string; + // The user who last modified the cookie. + lastModifiedBy?: NullableOption; + // The date and time when the cookie was last modified. + lastModifiedDateTime?: string; + // The path of the cookie. + path?: string; /** - * This can only be set to true for a single tenant-wide policy which will apply to all scopes and roles. Set the scopeId - * to / and scopeType to Directory. Supports $filter (eq, ne). + * Specifies how the cookies are shared between Microsoft Edge and Internet Explorer. The possible values are: + * microsoftEdge, internetExplorer11, both, unknownFutureValue. */ - isOrganizationDefault?: NullableOption; - // The identity who last modified the role setting. - lastModifiedBy?: NullableOption; - // The time when the role setting was last modified. - lastModifiedDateTime?: NullableOption; - // The identifier of the scope where the policy is created. Can be / for the tenant or a group ID. Required. - scopeId?: string; - // The type of the scope where the policy is created. One of Directory, DirectoryRole, Group. Required. - scopeType?: string; + sourceEnvironment?: BrowserSharedCookieSourceEnvironment; /** - * The list of effective rules like approval rules and expiration rules evaluated based on inherited referenced rules. For - * example, if there is a tenant-wide policy to enforce enabling an approval rule, the effective rule will be to enable - * approval even if the policy has a rule to disable approval. Supports $expand. + * The status of the cookie. The possible values are: published, pendingAdd, pendingEdit, pendingDelete, + * unknownFutureValue. */ - effectiveRules?: NullableOption; - // The collection of rules like approval rules and expiration rules. Supports $expand. - rules?: NullableOption; + status?: BrowserSharedCookieStatus; } -export interface UnifiedRoleManagementPolicyAssignment extends Entity { - // The id of the policy. Inherited from entity. - policyId?: string; +export interface BrowserSite extends Entity { /** - * For Microsoft Entra roles policy, it's the identifier of the role definition object where the policy applies. For PIM - * for groups membership and ownership, it's either member or owner. Supports $filter (eq). + * Controls the behavior of redirected sites. If true, indicates that the site will open in Internet Explorer 11 or + * Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. */ - roleDefinitionId?: NullableOption; - // The identifier of the scope where the policy is assigned. Can be / for the tenant or a group ID. Required. - scopeId?: string; - // The type of the scope where the policy is assigned. One of Directory, DirectoryRole, Group. Required. - scopeType?: string; + allowRedirect?: boolean; + // The comment for the site. + comment?: string; /** - * The policy that's associated with a policy assignment. Supports $expand and a nested $expand of the rules and - * effectiveRules relationships for the policy. + * Controls what compatibility setting is used for specific sites or domains. The possible values are: default, + * internetExplorer8Enterprise, internetExplorer7Enterprise, internetExplorer11, internetExplorer10, internetExplorer9, + * internetExplorer8, internetExplorer7, internetExplorer5, unknownFutureValue. */ - policy?: NullableOption; -} -export interface SmsAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { - // A collection of groups that are enabled to use the authentication method. - includeTargets?: NullableOption; -} -export interface SmsAuthenticationMethodTarget extends AuthenticationMethodTarget { + compatibilityMode?: BrowserSiteCompatibilityMode; + // The date and time when the site was created. + createdDateTime?: string; + // The date and time when the site was deleted. + deletedDateTime?: NullableOption; + // The history of modifications applied to the site. + history?: BrowserSiteHistory[]; + // The user who last modified the site. + lastModifiedBy?: NullableOption; + // The date and time when the site was last modified. + lastModifiedDateTime?: string; + // The merge type of the site. The possible values are: noMerge, default, unknownFutureValue. + mergeType?: BrowserSiteMergeType; /** - * Determines if users can use this authentication method to sign in to Microsoft Entra ID. true if users can use this - * method for primary authentication, otherwise false. + * Indicates the status of the site. The possible values are: published, pendingAdd, pendingEdit, pendingDelete, + * unknownFutureValue. */ - isUsableForSignIn?: boolean; -} -export interface SoftwareOathAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { - // A collection of groups that are enabled to use the authentication method. Expanded by default. - includeTargets?: NullableOption; -} -export interface TemporaryAccessPassAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { - // Default length in characters of a Temporary Access Pass object. Must be between 8 and 48 characters. - defaultLength?: NullableOption; + status?: BrowserSiteStatus; /** - * Default lifetime in minutes for a Temporary Access Pass. Value can be any integer between the minimumLifetimeInMinutes - * and maximumLifetimeInMinutes. + * The target environment that the site should open in. The possible values are: internetExplorerMode, internetExplorer11, + * microsoftEdge, configurable, none, unknownFutureValue.Prior to June 15, 2022, the internetExplorer11 option would allow + * opening a site in the Internet Explorer 11 (IE11) desktop application. Following the retirement of IE11 on June 15, + * 2022, the internetExplorer11 option will no longer open an IE11 window and will instead behave the same as the + * internetExplorerMode option. */ - defaultLifetimeInMinutes?: NullableOption; + targetEnvironment?: BrowserSiteTargetEnvironment; + // The URL of the site. + webUrl?: string; +} +export interface BrowserSiteList extends Entity { + // The description of the site list. + description?: string; + // The name of the site list. + displayName?: string; + // The user who last modified the site list. + lastModifiedBy?: NullableOption; + // The date and time when the site list was last modified. + lastModifiedDateTime?: string; + // The user who published the site list. + publishedBy?: NullableOption; + // The date and time when the site list was published. + publishedDateTime?: NullableOption; + // The current revision of the site list. + revision?: string; + // The current status of the site list. The possible values are: draft, published, pending, unknownFutureValue. + status?: BrowserSiteListStatus; + // A collection of shared cookies defined for the site list. + sharedCookies?: NullableOption; + // A collection of sites defined for the site list. + sites?: NullableOption; +} +export interface BuiltInIdentityProvider extends IdentityProviderBase { + // The identity provider type. For a B2B scenario, possible values: AADSignup, MicrosoftAccount, EmailOTP. Required. + identityProviderType?: NullableOption; + state?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface BulkUpload extends Entity {} +export interface BusinessFlow extends Entity { + customData?: NullableOption; + deDuplicationId?: NullableOption; + description?: NullableOption; + displayName?: NullableOption; + policy?: NullableOption; + policyTemplateId?: NullableOption; + recordVersion?: NullableOption; + schemaId?: NullableOption; + settings?: NullableOption; +} +export interface BusinessFlowTemplate extends Entity { + // The name of the business flow template + displayName?: NullableOption; +} +export interface BusinessScenario extends Entity { + // The identity of the user who created the scenario. + createdBy?: NullableOption; /** - * If true, all the passes in the tenant will be restricted to one-time use. If false, passes in the tenant can be created - * to be either one-time use or reusable. + * The date and time when the scenario was created. The Timestamp type represents date and time information using ISO 8601 + * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - isUsableOnce?: NullableOption; + createdDateTime?: string; + // Display name of the scenario. + displayName?: NullableOption; + // The identity of the user who last modified the scenario. + lastModifiedBy?: NullableOption; /** - * Maximum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 - * minutes (equivalent to 30 days). + * The date and time when the scenario was last modified. The Timestamp type represents date and time information using + * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - maximumLifetimeInMinutes?: NullableOption; + lastModifiedDateTime?: string; + // Identifiers of applications that are authorized to work with this scenario. + ownerAppIds?: NullableOption; /** - * Minimum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 - * minutes (equivalent to 30 days). + * Unique name of the scenario. To avoid conflicts, the recommended value for the unique name is a reverse domain name + * format, owned by the author of the scenario. For example, a scenario authored by Contoso.com would have a unique name + * that starts with com.contoso. */ - minimumLifetimeInMinutes?: NullableOption; - // A collection of groups that are enabled to use the authentication method. - includeTargets?: NullableOption; + uniqueName?: NullableOption; + // Planner content related to the scenario. + planner?: NullableOption; } -export interface VoiceAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { - // true if users can register office phones, otherwise, false. - isOfficePhoneAllowed?: NullableOption; - // A collection of groups that are enabled to use the authentication method. Expanded by default. - includeTargets?: NullableOption; +export interface BusinessScenarioPlanner extends Entity { + // The configuration of Planner plans that will be created for the scenario. + planConfiguration?: NullableOption; + // The configuration of Planner tasks that will be created for the scenario. + taskConfiguration?: NullableOption; + // The Planner tasks for the scenario. + tasks?: NullableOption; +} +export interface BusinessScenarioPlanReference extends Entity { + // The title property of the plannerPlan. + title?: NullableOption; } -// tslint:disable-next-line: no-empty-interface -export interface VoiceAuthenticationMethodTarget extends AuthenticationMethodTarget {} -export interface X509CertificateAuthenticationMethodConfiguration extends AuthenticationMethodConfiguration { +export interface BusinessScenarioTask extends PlannerTask { /** - * Defines strong authentication configurations. This configuration includes the default authentication mode and the - * different rules for strong authentication bindings. + * Scenario-specific properties of the task. externalObjectId and externalBucketId properties must be specified when + * creating a task. */ - authenticationModeConfiguration?: NullableOption; + businessScenarioProperties?: NullableOption; + // Target of the task that specifies where the task should be placed. Must be specified when creating a task. + target?: NullableOption; +} +export interface Calendar extends Entity { /** - * Defines fields in the X.509 certificate that map to attributes of the Microsoft Entra user object in order to bind the - * certificate to the user. The priority of the object determines the order in which the binding is carried out. The first - * binding that matches will be used and the rest ignored. + * Represent the online meeting service providers that can be used to create online meetings in this calendar. Possible + * values are: unknown, skypeForBusiness, skypeForConsumer, teamsForBusiness. */ - certificateUserBindings?: NullableOption; + allowedOnlineMeetingProviders?: NullableOption; /** - * Determines whether issuer(CA) hints are sent back to the client side to filter the certificates shown in certificate - * picker. + * The calendarGroup in which to create the calendar. If the user has never explicitly set a group for the calendar, this + * property is null. */ - issuerHintsConfiguration?: NullableOption; - // A collection of groups that are enabled to use the authentication method. - includeTargets?: NullableOption; -} -export interface SearchEntity extends Entity { - // Administrative answer in Microsoft Search results to define common acronyms in a organization. - acronyms?: NullableOption; - // Administrative answer in Microsoft Search results for common search queries in an organization. - bookmarks?: NullableOption; + calendarGroupId?: NullableOption; /** - * Administrative answer in Microsoft Search results which provide answers for specific search keywords in an - * organization. + * true if the user can write to the calendar, false otherwise. This property is true for the user who created the + * calendar. This property is also true for a user who has been shared a calendar and granted write access, through an + * Outlook client or the corresponding calendarPermission resource. Read-only. */ - qnas?: NullableOption; -} -export interface Bitlocker extends Entity { - // The recovery keys associated with the bitlocker entity. - recoveryKeys?: NullableOption; -} -export interface BitlockerRecoveryKey extends Entity { - // The date and time when the key was originally backed up to Microsoft Entra ID. - createdDateTime?: string; - // ID of the device the BitLocker key is originally backed up from. - deviceId?: NullableOption; - // The BitLocker recovery key. - key?: string; + canEdit?: NullableOption; /** - * Indicates the type of volume the BitLocker key is associated with. Possible values are: operatingSystemVolume, - * fixedDataVolume, removableDataVolume, unknownFutureValue. + * true if the user has the permission to share the calendar, false otherwise. Only the user who created the calendar can + * share it. Read-only. */ - volumeType?: NullableOption; -} -export interface DataLossPreventionPolicy extends Entity { - name?: NullableOption; -} -export interface SensitivityLabel extends Entity { - applicableTo?: NullableOption; - applicationMode?: NullableOption; - assignedPolicies?: NullableOption; - autoLabeling?: NullableOption; - description?: NullableOption; - displayName?: NullableOption; - isDefault?: NullableOption; - isEndpointProtectionEnabled?: NullableOption; - labelActions?: NullableOption; - name?: NullableOption; - priority?: NullableOption; - toolTip?: NullableOption; - sublabels?: NullableOption; -} -export interface SensitivityPolicySettings extends Entity { - applicableTo?: NullableOption; - downgradeSensitivityRequiresJustification?: NullableOption; - helpWebUrl?: NullableOption; - isMandatory?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface InformationProtectionPolicy extends Entity { - labels?: NullableOption; -} -export interface ThreatAssessmentRequest extends Entity { - // The threat category. Possible values are: spam, phishing, malware. - category?: ThreatCategory; - // The content type of threat assessment. Possible values are: mail, url, file. - contentType?: NullableOption; - // The threat assessment request creator. - createdBy?: NullableOption; + canShare?: NullableOption; /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * true if the user can read calendar items that have been marked private, false otherwise. This property is set through + * an Outlook client or the corresponding calendarPermission resource. Read-only. */ - createdDateTime?: NullableOption; - // The expected assessment from submitter. Possible values are: block, unblock. - expectedAssessment?: ThreatExpectedAssessment; - // The source of the threat assessment request. Possible values are: user, administrator. - requestSource?: NullableOption; - // The assessment process status. Possible values are: pending, completed. - status?: NullableOption; + canViewPrivateItems?: NullableOption; /** - * A collection of threat assessment results. Read-only. By default, a GET /threatAssessmentRequests/{id} does not return - * this property unless you apply $expand on it. + * Identifies the version of the calendar object. Every time the calendar is changed, changeKey changes as well. This + * allows Exchange to apply changes to the correct version of the object. Read-only. */ - results?: NullableOption; -} -export interface BookingAppointment extends Entity { - // Additional information that is sent to the customer when an appointment is confirmed. - additionalInformation?: NullableOption; - // The URL of the meeting to join anonymously. - anonymousJoinWebUrl?: NullableOption; - // The SMTP address of the bookingCustomer who is booking the appointment. - customerEmailAddress?: NullableOption; + changeKey?: NullableOption; /** - * If CustomerId is not specified when an appointment is created then a new customer is created based on the appointment - * customer information. Once set, the customerId should be considered immutable. + * Specifies the color theme to distinguish the calendar from other calendars in a UI. The property values are: auto, + * lightBlue, lightGreen, lightOrange, lightGray, lightYellow, lightTeal, lightPink, lightBrown, lightRed, maxColor. */ - customerId?: NullableOption; - // Represents location information for the bookingCustomer who is booking the appointment. - customerLocation?: NullableOption; - // The customer's name. - customerName?: NullableOption; + color?: NullableOption; /** - * The value of this property is only available when reading an individual booking appointment by id. Its value can only - * be set when creating a new appointment with a new customer, ie, without specifying a CustomerId. After that, the - * property is computed from the customer represented by CustomerId. + * The default online meeting provider for meetings sent from this calendar. Possible values are: unknown, + * skypeForBusiness, skypeForConsumer, teamsForBusiness. */ - customerNotes?: NullableOption; - // The customer's phone number. - customerPhone?: NullableOption; + defaultOnlineMeetingProvider?: NullableOption; /** - * A collection of the customer properties for an appointment. An appointment will contain a list of customer information - * and each unit will indicate the properties of a customer who is part of that appointment. Optional. + * The calendar color, expressed in a hex color code of three hexadecimal values, each ranging from 00 to FF and + * representing the red, green, or blue components of the color in the RGB color space. If the user has never explicitly + * set a color for the calendar, this property is empty. */ - customers?: BookingCustomerInformationBase[]; - // The time zone of the customer. For a list of possible values, see dateTimeTimeZone. - customerTimeZone?: NullableOption; - // The length of the appointment, denoted in ISO8601 format. - duration?: string; - // The date, time, and time zone that the appointment ends. - end?: DateTimeTimeZone; - // The current number of customers in the appointment. - filledAttendeesCount?: number; - // The billed amount on the invoice. - invoiceAmount?: number; - // The date, time, and time zone of the invoice for this appointment. - invoiceDate?: NullableOption; - // The ID of the invoice. - invoiceId?: NullableOption; - // The status of the invoice. Possible values are: draft, reviewing, open, canceled, paid, corrective. - invoiceStatus?: BookingInvoiceStatus; - // The URL of the invoice in Microsoft Bookings. - invoiceUrl?: NullableOption; - // True indicates that the appointment will be held online. Default value is false. - isLocationOnline?: boolean; - // The URL of the online meeting for the appointment. - joinWebUrl?: NullableOption; + hexColor?: NullableOption; + // true if this is the default calendar where new events are created by default, false otherwise. + isDefaultCalendar?: NullableOption; + // Indicates whether this user calendar can be deleted from the user mailbox. + isRemovable?: NullableOption; /** - * The maximum number of customers allowed in an appointment. If maximumAttendeesCount of the service is greater than 1, - * pass valid customer IDs while creating or updating an appointment. To create a customer, use the Create bookingCustomer - * operation. + * true if the user has shared the calendar with other users, false otherwise. Since only the user who created the + * calendar can share it, isShared and isSharedWithMe cannot be true for the same user. This property is set when sharing + * is initiated in an Outlook client, and can be reset when the sharing is cancelled through the client or the + * corresponding calendarPermission resource. Read-only. */ - maximumAttendeesCount?: number; - onlineMeetingUrl?: NullableOption; + isShared?: NullableOption; /** - * True indicates that the bookingCustomer for this appointment does not wish to receive a confirmation for this - * appointment. + * true if the user has been shared this calendar, false otherwise. This property is always false for a calendar owner. + * This property is set when sharing is initiated in an Outlook client, and can be reset when the sharing is cancelled + * through the client or the corresponding calendarPermission resource. Read-only. */ - optOutOfCustomerEmail?: boolean; + isSharedWithMe?: NullableOption; /** - * The amount of time to reserve after the appointment ends, for cleaning up, as an example. The value is expressed in - * ISO8601 format. + * Indicates whether this user calendar supports tracking of meeting responses. Only meeting invites sent from users' + * primary calendars support tracking of meeting responses. */ - postBuffer?: string; + isTallyingResponses?: NullableOption; + // The calendar name. + name?: NullableOption; /** - * The amount of time to reserve before the appointment begins, for preparation, as an example. The value is expressed in - * ISO8601 format. + * If set, this represents the user who created or added the calendar. For a calendar that the user created or added, the + * owner property is set to the user. For a calendar shared with the user, the owner property is set to the person who + * shared that calendar with the user. Read-only. */ - preBuffer?: string; - // The regular price for an appointment for the specified bookingService. - price?: number; + owner?: NullableOption; + // The permissions of the users with whom the calendar is shared. + calendarPermissions?: NullableOption; + // The calendar view for the calendar. Navigation property. Read-only. + calendarView?: NullableOption; + // The events in the calendar. Navigation property. Read-only. + events?: NullableOption; + // The collection of multi-value extended properties defined for the calendar. Read-only. Nullable. + multiValueExtendedProperties?: NullableOption; + // The collection of single-value extended properties defined for the calendar. Read-only. Nullable. + singleValueExtendedProperties?: NullableOption; +} +export interface CalendarGroup extends Entity { /** - * A setting to provide flexibility for the pricing structure of services. Possible values are: undefined, fixedPrice, - * startingAt, hourly, free, priceVaries, callUs, notSet, unknownFutureValue. + * Identifies the version of the calendar group. Every time the calendar group is changed, ChangeKey changes as well. This + * allows Exchange to apply changes to the correct version of the object. Read-only. */ - priceType?: BookingPriceType; - // The value of this property is only available when reading an individual booking appointment by id. - reminders?: NullableOption; + changeKey?: NullableOption; + // The class identifier. Read-only. + classId?: NullableOption; + // The group name. + name?: NullableOption; + // The calendars in the calendar group. Navigation property. Read-only. Nullable. + calendars?: NullableOption; +} +export interface CalendarPermission extends Entity { /** - * An additional tracking ID for the appointment, if the appointment has been created directly by the customer on the - * scheduling page, as opposed to by a staff member on the behalf of the customer. + * List of allowed sharing or delegating permission levels for the calendar. Possible values are: none, freeBusyRead, + * limitedRead, read, write, delegateWithoutPrivateEventAccess, delegateWithPrivateEventAccess, custom. */ - selfServiceAppointmentId?: NullableOption; - // The ID of the bookingService associated with this appointment. - serviceId?: NullableOption; - // The location where the service is delivered. - serviceLocation?: NullableOption; + allowedRoles?: NullableOption; /** - * This property is optional when creating a new appointment. If not specified, it is computed from the service associated - * with the appointment by the service id. + * Represents a share recipient or delegate who has access to the calendar. For the 'My Organization' share recipient, the + * address property is null. Read-only. */ - serviceName?: string; - // The value of this property is only available when reading an individual booking appointment by id. - serviceNotes?: NullableOption; - // True indicates SMS notifications will be sent to the customers for the appointment. Default value is false. - smsNotificationsEnabled?: boolean; - // The ID of each bookingStaffMember who is scheduled in this appointment. - staffMemberIds?: NullableOption; - // The date, time, and time zone that the appointment begins. - start?: DateTimeTimeZone; + emailAddress?: NullableOption; + // True if the user in context (share recipient or delegate) is inside the same organization as the calendar owner. + isInsideOrganization?: NullableOption; + /** + * True if the user can be removed from the list of recipients or delegates for the specified calendar, false otherwise. + * The 'My organization' user determines the permissions other people within your organization have to the given calendar. + * You can't remove 'My organization' as a recipient to a calendar. + */ + isRemovable?: NullableOption; + // Current permission level of the calendar share recipient or delegate. + role?: NullableOption; } -export interface BookingNamedEntity extends Entity { - // The display name is suitable for human-readable interfaces. - displayName?: string; +export interface CalendarSharingMessage extends Message { + canAccept?: NullableOption; + sharingMessageAction?: NullableOption; + sharingMessageActions?: NullableOption; + suggestedCalendarName?: NullableOption; } -export interface BookingBusiness extends BookingNamedEntity { +export interface Call extends Entity { + // The list of active modalities. Possible values are: unknown, audio, video, videoBasedScreenSharing, data. Read-only. + activeModalities?: NullableOption; + // The participant that answered the call. Read-only. + answeredBy?: NullableOption; + // The callback URL on which callbacks will be delivered. Must be https. + callbackUri?: string; /** - * The street address of the business. The address property, together with phone and webSiteUrl, appear in the footer of a - * business scheduling page. + * A unique identifier for all the participant calls in a conference or a unique identifier for two participant calls in a + * P2P call. This needs to be copied over from Microsoft.Graph.Call.CallChainId. */ - address?: NullableOption; - // The hours of operation for the business. - businessHours?: NullableOption; - // The type of business. - businessType?: NullableOption; - // The code for the currency that the business operates in on Microsoft Bookings. - defaultCurrencyIso?: NullableOption; - // The email address for the business. - email?: NullableOption; + callChainId?: NullableOption; + // Contains the optional features for the call. + callOptions?: NullableOption; + // The routing information on how the call was retargeted. Read-only. + callRoutes?: NullableOption; + // The chat information. Required information for meeting scenarios. + chatInfo?: NullableOption; + // The direction of the call. The possible values are incoming or outgoing. Read-only. + direction?: NullableOption; + // The context associated with an incoming call. Read-only. Server generated. + incomingContext?: NullableOption; + // The media configuration. Required information for creating peer to peer calls or joining meetings. + mediaConfig?: NullableOption; + // Read-only. The call media state. + mediaState?: NullableOption; + // Contains the capabilities of a meeting. Read-only. + meetingCapability?: NullableOption; + // The meeting information. Required information for meeting scenarios. + meetingInfo?: NullableOption; + myParticipantId?: NullableOption; + requestedModalities?: NullableOption; + resultInfo?: NullableOption; + ringingTimeoutInSeconds?: NullableOption; + routingPolicies?: NullableOption; + source?: NullableOption; + state?: NullableOption; + subject?: NullableOption; + targets?: NullableOption; + tenantId?: NullableOption; + terminationReason?: NullableOption; + toneInfo?: NullableOption; + // The transcription information for the call. Read-only. + transcription?: NullableOption; + audioRoutingGroups?: NullableOption; + contentSharingSessions?: NullableOption; + operations?: NullableOption; + participants?: NullableOption; +} +export interface CallActivityStatistics extends ActivityStatistics { /** - * The scheduling page has been made available to external customers. Use the publish and unpublish actions to set this - * property. Read-only. + * Time spent on calls outside of working hours, which is based on the user's Outlook calendar setting for work hours. The + * value is represented in ISO 8601 format for durations. */ - isPublished?: NullableOption; - // The language of the self service booking page - languageTag?: NullableOption; + afterHours?: string; +} +export interface CallEvent extends Entity { + callEventType?: NullableOption; + eventDateTime?: NullableOption; + participants?: NullableOption; +} +export interface CallRecording extends Entity { + // The content of the recording. Read-only. + content?: NullableOption; /** - * The telephone number for the business. The phone property, together with address and webSiteUrl, appear in the footer - * of a business scheduling page. + * Date and time at which the recording was created. The timestamp type represents date and time information using ISO + * 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - phone?: NullableOption; - // The URL for the scheduling page, which is set after you publish or unpublish the page. Read-only. - publicUrl?: NullableOption; - // Specifies how bookings can be created for this business. - schedulingPolicy?: NullableOption; - // Example: https://www.contoso.com - webSiteUrl?: NullableOption; - // All the appointments of this business. Read-only. Nullable. - appointments?: NullableOption; - // The set of appointments of this business in a specified date range. Read-only. Nullable. - calendarView?: NullableOption; - // All the customers of this business. Read-only. Nullable. - customers?: NullableOption; - // All the custom questions of this business. Read-only. Nullable. - customQuestions?: NullableOption; - // All the services offered by this business. Read-only. Nullable. - services?: NullableOption; - // All the staff members that provide services in this business. Read-only. Nullable. - staffMembers?: NullableOption; + createdDateTime?: NullableOption; + // The unique identifier of the onlineMeeting related to this recording. Read-only. + meetingId?: NullableOption; + // The identity information of the organizer of the onlineMeeting related to this recording. Read-only. + meetingOrganizer?: NullableOption; + // The unique identifier of the organizer of the onlineMeeting related to this recording. Read-only. + meetingOrganizerId?: NullableOption; + // The URL which can be used to access the content of the recording. Read-only. + recordingContentUrl?: NullableOption; } -export interface BookingPerson extends BookingNamedEntity { - // The email address of the person. - emailAddress?: NullableOption; +export interface CallTranscript extends Entity { + // The content of the transcript. Read-only. + content?: NullableOption; + /** + * Date and time at which the transcript was created. The DateTimeOffset type represents date and time information using + * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + */ + createdDateTime?: NullableOption; + // The unique identifier of the online meeting related to this transcript. Read-only. + meetingId?: NullableOption; + // The identity information of the organizer of the onlineMeeting related to this transcript. Read-only. + meetingOrganizer?: NullableOption; + // The unique identifier of the organizer of the onlineMeeting related to this transcript. Read-only. + meetingOrganizerId?: NullableOption; + // The time-aligned metadata of the utterances in the transcript. Read-only. + metadataContent?: NullableOption; + // The URL which can be used to access the content of the transcript. Read-only. + transcriptContentUrl?: NullableOption; } -export interface BookingCustomer extends BookingPerson { - // Addresses associated with the customer, including home, business and other addresses. - addresses?: NullableOption; - // Phone numbers associated with the customer, including home, business and mobile numbers. - phones?: NullableOption; +// tslint:disable-next-line: no-empty-interface +export interface CancelMediaProcessingOperation extends CommsOperation {} +export interface CanvasLayout extends Entity { + // Collection of horizontal sections on the SharePoint page. + horizontalSections?: NullableOption; + // Vertical section on the SharePoint page. + verticalSection?: NullableOption; } -export interface BookingCustomQuestion extends Entity { - // The expected answer type. The possible values are: text, radioButton, unknownFutureValue. - answerInputType?: NullableOption; - // List of possible answer values. - answerOptions?: NullableOption; - // The display name is suitable for human-readable interfaces. - displayName?: string; +export interface CartToClassAssociation extends Entity { + // Identifiers of classrooms to be associated with device carts. + classroomIds?: NullableOption; + // DateTime the object was created. + createdDateTime?: string; + // Admin provided description of the CartToClassAssociation. + description?: NullableOption; + // Identifiers of device carts to be associated with classes. + deviceCartIds?: NullableOption; + // Admin provided name of the device configuration. + displayName?: NullableOption; + // DateTime the object was last modified. + lastModifiedDateTime?: string; + // Version of the CartToClassAssociation. + version?: number; } -export interface BookingService extends BookingNamedEntity { - // Additional information that is sent to the customer when an appointment is confirmed. - additionalInformation?: NullableOption; - // Contains the set of custom questions associated with a particular service. - customQuestions?: NullableOption; +export interface CertificateAuthorityAsEntity extends Entity { + // The trusted certificate. + certificate?: string; /** - * The default length of the service, represented in numbers of days, hours, minutes, and seconds. For example, - * P11D23H59M59.999999999999S. + * Indicates if the certificate is a root authority. In a certificateBasedApplicationConfiguration object, at least one + * object in the trustedCertificateAuthorities collection must be a root authority. */ - defaultDuration?: string; - // The default physical location for the service. - defaultLocation?: NullableOption; - // The default monetary price for the service. - defaultPrice?: number; + isRootAuthority?: boolean; + // The issuer of the trusted certificate. + issuer?: string; + // The subject key identifier of the trusted certificate. + issuerSubjectKeyIdentifier?: string; +} +export interface CertificateAuthorityPath extends Entity { /** - * The default way the service is charged. Possible values are: undefined, fixedPrice, startingAt, hourly, free, - * priceVaries, callUs, notSet, unknownFutureValue. + * Defines the trusted certificate authorities for certificates that can be added to apps and service principals in the + * tenant. */ - defaultPriceType?: BookingPriceType; - // The value of this property is only available when reading an individual booking service by id. - defaultReminders?: NullableOption; - // A text description for the service. + certificateBasedApplicationConfigurations?: NullableOption; +} +export interface CertificateBasedApplicationConfiguration extends TrustedCertificateAuthorityAsEntityBase { + // The description of the trusted certificate authorities. description?: NullableOption; - // True if an anonymousJoinWebUrl(webrtcUrl) will be generated for the appointment booked for this service. - isAnonymousJoinEnabled?: boolean; - // True means this service isn't available to customers for booking. - isHiddenFromCustomers?: boolean; - // True indicates that the appointments for the service will be held online. Default value is false. - isLocationOnline?: boolean; - // The language of the self service booking page. - languageTag?: string; + // The display name of the trusted certificate authorities. + displayName?: NullableOption; +} +export interface CertificateBasedAuthConfiguration extends Entity { + // Collection of certificate authorities which creates a trusted certificate chain. + certificateAuthorities?: CertificateAuthority[]; +} +export interface CertificateConnectorDetails extends Entity { + // Connector name (set during enrollment). + connectorName?: NullableOption; + // Version of the connector installed. + connectorVersion?: NullableOption; + // Date/time when this connector was enrolled. + enrollmentDateTime?: string; + // Date/time when this connector last connected to the service. + lastCheckinDateTime?: string; + // Name of the machine hosting this connector service. + machineName?: NullableOption; +} +export interface ChangeTrackedEntity extends Entity { + // Identity of the user who created the entity. + createdBy?: NullableOption; /** - * The maximum number of customers allowed in a service. If maximumAttendeesCount of the service is greater than 1, pass - * valid customer IDs while creating or updating an appointment. To create a customer, use the Create bookingCustomer - * operation. - */ - maximumAttendeesCount?: number; - // Additional information about this service. - notes?: NullableOption; - // The time to buffer after an appointment for this service ends, and before the next customer appointment can be booked. - postBuffer?: string; - // The time to buffer before an appointment for this service can start. - preBuffer?: string; - // The set of policies that determine how appointments for this type of service should be created and managed. - schedulingPolicy?: NullableOption; + * The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + */ + createdDateTime?: NullableOption; + // Identity of the user who last modified the entity. + lastModifiedBy?: NullableOption; /** - * True indicates SMS notifications can be sent to the customers for the appointment of the service. Default value is - * false. + * The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - smsNotificationsEnabled?: NullableOption; - // Represents those staff members who provide this service. - staffMemberIds?: NullableOption; - // The URL a customer uses to access the service. - webUrl?: NullableOption; + lastModifiedDateTime?: NullableOption; } -export interface BookingStaffMember extends BookingPerson { +export interface Channel extends Entity { + // Read only. Timestamp at which the channel was created. + createdDateTime?: NullableOption; + // Optional textual description for the channel. + description?: NullableOption; + // Channel name as it appears to the user in Microsoft Teams. The maximum length is 50 characters. + displayName?: string; + // The email address for sending messages to the channel. Read-only. + email?: NullableOption; + // Indicates whether the channel is archived. Read-only. + isArchived?: NullableOption; /** - * True means that if the staff member is a Microsoft 365 user, the Bookings API would verify the staff member's - * availability in their personal calendar in Microsoft 365, before making a booking. + * Indicates whether the channel should automatically be marked 'favorite' for all members of the team. Can only be set + * programmatically with Create team. Default: false. */ - availabilityIsAffectedByPersonalCalendar?: boolean; + isFavoriteByDefault?: NullableOption; /** - * Identifies a color to represent the staff member. The color corresponds to the color palette in the Staff details page - * in the Bookings app. + * The type of the channel. Can be set during creation and can't be changed. The possible values are: standard, private, + * unknownFutureValue, shared. The default value is standard. You must use the Prefer: include-unknown-enum-members + * request header to get the following value in this evolvable enum: shared. */ - colorIndex?: NullableOption; - // True indicates that a staff member will be notified via email when a booking assigned to them is created or changed. - isEmailNotificationEnabled?: boolean; - membershipStatus?: BookingStaffMembershipStatus; + membershipType?: NullableOption; + // Settings to configure channel moderation to control who can start new posts and reply to posts in that channel. + moderationSettings?: NullableOption; /** - * The role of the staff member in the business. Possible values are: guest, administrator, viewer, externalGuest, - * unknownFutureValue, scheduler, teamMember. Note that you must use the Prefer: include-unknown-enum-members request - * header to get the following values from this evolvable enum: scheduler, teamMember. Required. + * Contains summary information about the channel, including number of guests, members, owners, and an indicator for + * members from other tenants. The summary property is only returned if it appears in the $select clause of the Get + * channel method. */ - role?: BookingStaffRole; - // The time zone of the staff member. For a list of possible values, see dateTimeTimeZone. - timeZone?: NullableOption; + summary?: NullableOption; + // The ID of the Microsoft Entra tenant. + tenantId?: NullableOption; /** - * True means the staff member's availability is as specified in the businessHours property of the business. False means - * the availability is determined by the staff member's workingHours property setting. + * A hyperlink to the channel in Microsoft Teams. This URL is supplied when you right-click a channel in Microsoft Teams + * and select Get link to channel. This URL should be treated as an opaque blob, and not parsed. Read-only. */ - useBusinessHours?: boolean; + webUrl?: NullableOption; + // Metadata for the location where the channel's files are stored. + filesFolder?: NullableOption; + // A collection of membership records associated with the channel. + members?: NullableOption; + // A collection of all the messages in the channel. A navigation property. Nullable. + messages?: NullableOption; + // A collection of teams with which a channel is shared. + sharedWithTeams?: NullableOption; + // A collection of all the tabs in the channel. A navigation property. + tabs?: NullableOption; +} +export interface Chat extends Entity { + // Specifies the type of chat. Possible values are: group, oneOnOne, meeting, unknownFutureValue. + chatType?: ChatType; + // Date and time at which the chat was created. Read-only. + createdDateTime?: NullableOption; + // Date and time at which the chat was renamed or list of members were last changed. Read-only. + lastUpdatedDateTime?: NullableOption; /** - * The range of hours each day of the week that the staff member is available for booking. By default, they are - * initialized to be the same as the businessHours property of the business. + * Represents details about an online meeting. If the chat isn't associated with an online meeting, the property is empty. + * Read-only. */ - workingHours?: NullableOption; -} -export interface BookingCurrency extends Entity { - // The currency symbol. For example, the currency symbol for the US dollar and for the Australian dollar is $. - symbol?: string; -} -export interface BusinessScenarioPlanner extends Entity { - // The configuration of Planner plans that will be created for the scenario. - planConfiguration?: NullableOption; - // The configuration of Planner tasks that will be created for the scenario. - taskConfiguration?: NullableOption; - // The Planner tasks for the scenario. - tasks?: NullableOption; -} -export interface PlannerPlanConfiguration extends Entity { - // List the buckets that should be created in the plan. - buckets?: NullableOption; - // The identity of the creator of the plan configuration. - createdBy?: NullableOption; + onlineMeetingInfo?: NullableOption; + // The identifier of the tenant in which the chat was created. Read-only. + tenantId?: NullableOption; + // (Optional) Subject or topic for the chat. Only available for group chats. + topic?: NullableOption; /** - * The date and time when the plan configuration was created. The Timestamp type represents date and time information - * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Represents caller-specific information about the chat, such as last message read date and time. This property is + * populated only when the request is made in a delegated context. */ - createdDateTime?: string; - // The language code for the default language to be used for the names of the objects created for the plan. - defaultLanguage?: NullableOption; - // The identity of the user who last modified the plan configuration. - lastModifiedBy?: NullableOption; + viewpoint?: NullableOption; + // The URL for the chat in Microsoft Teams. The URL should be treated as an opaque blob, and not parsed. Read-only. + webUrl?: NullableOption; + // A collection of all the apps in the chat. Nullable. + installedApps?: NullableOption; /** - * The date and time when the plan configuration was last modified. The Timestamp type represents date and time - * information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is - * 2014-01-01T00:00:00Z. + * Preview of the last message sent in the chat. Null if no messages have been sent in the chat. Currently, only the list + * chats operation supports this property. */ - lastModifiedDateTime?: string; - // Localized names for the plan configuration. - localizations?: NullableOption; -} -export interface PlannerTaskConfiguration extends Entity { - // Policy configuration for tasks created for the businessScenario when they're being changed outside of the scenario. - editPolicy?: NullableOption; + lastMessagePreview?: NullableOption; + // A collection of all the members in the chat. Nullable. + members?: NullableOption; + // A collection of all the messages in the chat. Nullable. + messages?: NullableOption; + // A collection of all the Teams async operations that ran or are running on the chat. Nullable. + operations?: NullableOption; + // A collection of permissions granted to apps for the chat. + permissionGrants?: NullableOption; + // A collection of all the pinned messages in the chat. Nullable. + pinnedMessages?: NullableOption; + // A collection of all the tabs in the chat. Nullable. + tabs?: NullableOption; } -export interface PlannerTask extends PlannerDelta { - // Number of checklist items with value set to false, representing incomplete items. - activeChecklistItemCount?: NullableOption; - // The categories to which the task has been applied. See applied Categories for possible values. - appliedCategories?: NullableOption; - // Hint used to order items of this type in a list view. The format is defined as outlined here. - assigneePriority?: NullableOption; - // The set of assignees the task is assigned to. - assignments?: NullableOption; +export interface ChatActivityStatistics extends ActivityStatistics { /** - * Bucket ID to which the task belongs. The bucket needs to be in the plan that the task is in. It is 28 characters long - * and case-sensitive. Format validation is done on the service. + * Time spent on chats outside of working hours, which is based on the user's Microsoft Outlook calendar setting for work + * hours. The value is represented in ISO 8601 format for durations. */ - bucketId?: NullableOption; - // Number of checklist items that are present on the task. - checklistItemCount?: NullableOption; - // Identity of the user that completed the task. - completedBy?: NullableOption; + afterHours?: string; +} +export interface ChatMessage extends Entity { + // References to attached objects like files, tabs, meetings etc. + attachments?: NullableOption; /** - * Read-only. Date and time at which the 'percentComplete' of the task is set to '100'. The Timestamp type represents date - * and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is - * 2014-01-01T00:00:00Z + * Plaintext/HTML representation of the content of the chat message. Representation is specified by the contentType inside + * the body. The content is always in HTML if the chat message contains a chatMessageMention. */ - completedDateTime?: NullableOption; - // Thread ID of the conversation on the task. This is the ID of the conversation thread object created in the group. - conversationThreadId?: NullableOption; - // Identity of the user that created the task. - createdBy?: NullableOption; + body?: ItemBody; + // If the message was sent in a channel, represents identity of the channel. + channelIdentity?: NullableOption; + // If the message was sent in a chat, represents the identity of the chat. + chatId?: NullableOption; + // Timestamp of when the chat message was created. + createdDateTime?: NullableOption; + // Read only. Timestamp at which the chat message was deleted, or null if not deleted. + deletedDateTime?: NullableOption; + // Read-only. Version number of the chat message. + etag?: NullableOption; /** - * Read-only. Date and time at which the task is created. The Timestamp type represents date and time information using - * ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + * Read-only. If present, represents details of an event that happened in a chat, a channel, or a team, for example, + * adding new members. For event messages, the messageType property will be set to systemEventMessage. */ - createdDateTime?: NullableOption; - // Contains information about the origin of the task. - creationSource?: NullableOption; + eventDetail?: NullableOption; + // Details of the sender of the chat message. Can only be set during migration. + from?: NullableOption; + // The importance of the chat message. The possible values are: normal, high, urgent. + importance?: ChatMessageImportance; /** - * Date and time at which the task is due. The Timestamp type represents date and time information using ISO 8601 format - * and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + * Read only. Timestamp when edits to the chat message were made. Triggers an 'Edited' flag in the Teams UI. If no edits + * are made the value is null. */ - dueDateTime?: NullableOption; - // Read-only. Value is true if the details object of the task has a nonempty description and false otherwise. - hasDescription?: NullableOption; - // Hint used to order items of this type in a list view. The format is defined as outlined here. - orderHint?: NullableOption; - // Percentage of task completion. When set to 100, the task is considered completed. - percentComplete?: NullableOption; - // Plan ID to which the task belongs. - planId?: NullableOption; + lastEditedDateTime?: NullableOption; /** - * This sets the type of preview that shows up on the task. Possible values are: automatic, noPreview, checklist, - * description, reference. + * Read only. Timestamp when the chat message is created (initial setting) or modified, including when a reaction is added + * or removed. */ - previewType?: NullableOption; + lastModifiedDateTime?: NullableOption; + // Locale of the chat message set by the client. Always set to en-us. + locale?: string; + // List of entities mentioned in the chat message. Supported entities are: user, bot, team, channel, and tag. + mentions?: NullableOption; /** - * Priority of the task. Valid range of values is between 0 and 10 (inclusive), with increasing value being lower priority - * (0 has the highest priority and 10 has the lowest priority). Currently, Planner interprets values 0 and 1 as 'urgent', - * 2 and 3 and 4 as 'important', 5, 6, and 7 as 'medium', and 8, 9, and 10 as 'low'. Currently, Planner sets the value 1 - * for 'urgent', 3 for 'important', 5 for 'medium', and 9 for 'low'. + * List of activity history of a message item, including modification time and actions, such as reactionAdded, + * reactionRemoved, or reaction changes, on the message. */ - priority?: NullableOption; - // Defines active or inactive recurrence for the task. null when the recurrence has never been defined for the task. - recurrence?: NullableOption; - // Number of external references that exist on the task. - referenceCount?: NullableOption; + messageHistory?: NullableOption; /** - * Indicates all the requirements specified on the plannerTask. Possible values are: none, checklistCompletion, - * unknownFutureValue. Read-only. The plannerTaskCompletionRequirementDetails in plannerTaskDetails has details of the - * requirements specified, if any. + * The type of chat message. The possible values are: message, chatEvent, typing, unknownFutureValue, systemEventMessage. + * Note that you must use the Prefer: include-unknown-enum-members request header to get the following value in this + * evolvable enum: systemEventMessage. */ - specifiedCompletionRequirements?: NullableOption; + messageType?: ChatMessageType; + // User attribution of the message when bot sends a message on behalf of a user. + onBehalfOf?: NullableOption; + // Defines the properties of a policy violation set by a data loss prevention (DLP) application. + policyViolation?: NullableOption; + // Reactions for this chat message (for example, Like). + reactions?: NullableOption; /** - * Date and time at which the task starts. The Timestamp type represents date and time information using ISO 8601 format - * and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + * Read-only. ID of the parent chat message or root chat message of the thread. (Only applies to chat messages in + * channels, not chats.) */ - startDateTime?: NullableOption; - // Title of the task. - title?: string; - // Read-only. Nullable. Used to render the task correctly in the task board view when grouped by assignedTo. - assignedToTaskBoardFormat?: NullableOption; - // Read-only. Nullable. Used to render the task correctly in the task board view when grouped by bucket. - bucketTaskBoardFormat?: NullableOption; - // Read-only. Nullable. Additional details about the task. - details?: NullableOption; - // Read-only. Nullable. Used to render the task correctly in the task board view when grouped by progress. - progressTaskBoardFormat?: NullableOption; -} -export interface BusinessScenarioTask extends PlannerTask { + replyToId?: NullableOption; + // The subject of the chat message, in plaintext. + subject?: NullableOption; /** - * Scenario-specific properties of the task. externalObjectId and externalBucketId properties must be specified when - * creating a task. + * Summary text of the chat message that could be used for push notifications and summary views or fall back views. Only + * applies to channel chat messages, not chat messages in a chat. */ - businessScenarioProperties?: NullableOption; - // Target of the task that specifies where the task should be placed. Must be specified when creating a task. - target?: NullableOption; -} -export interface PlannerPlanConfigurationLocalization extends Entity { - // Localized names for configured buckets in the plan configuration. - buckets?: NullableOption; - // The language code associated with the localized names in this object. - languageTag?: NullableOption; - // Localized title of the plan. - planTitle?: NullableOption; + summary?: NullableOption; + // Read-only. Link to the message in Microsoft Teams. + webUrl?: NullableOption; + // Content in a message hosted by Microsoft Teams - for example, images or code snippets. + hostedContents?: NullableOption; + // Replies for a specified message. Supports $expand for channel messages. + replies?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface IdentityContainer { - // Represents entry point for API connectors. - apiConnectors?: NullableOption; - authenticationEventListeners?: NullableOption; +// tslint:disable-next-line: no-empty-interface +export interface ChatMessageHostedContent extends TeamworkHostedContent {} +export interface ChatMessageInfo extends Entity { /** - * Represents the entry point for self-service sign up and sign in user flows in both Microsoft Entra workforce and - * customer tenants. + * Body of the chatMessage. This will still contain markers for @mentions and attachments even though the object doesn't + * return @mentions and attachments. */ - authenticationEventsFlows?: NullableOption; - // Represents entry point for B2C identity userflows. - b2cUserFlows?: NullableOption; - // Represents entry point for B2X and self-service sign-up identity userflows. - b2xUserFlows?: NullableOption; - customAuthenticationExtensions?: NullableOption; - // Represents entry point for identity provider base. - identityProviders?: NullableOption; - // Represents entry point for identity userflow attributes. - userFlowAttributes?: NullableOption; - userFlows?: NullableOption; - // the entry point for the Conditional Access (CA) object model. - conditionalAccess?: NullableOption; - // Represents entry point for continuous access evaluation policy. - continuousAccessEvaluationPolicy?: NullableOption; -} -// tslint:disable-next-line: interface-name -export interface IdentityApiConnector extends Entity { + body?: NullableOption; + // Date time object representing the time at which message was created. + createdDateTime?: NullableOption; /** - * The object which describes the authentication configuration details for calling the API. Basic and PKCS 12 client - * certificate are supported. + * Read-only. If present, represents details of an event that happened in a chat, a channel, or a team, for example, + * members were added, and so on. For event messages, the messageType property is set to systemEventMessage. */ - authenticationConfiguration?: NullableOption; - // The name of the API connector. - displayName?: NullableOption; - // The URL of the API endpoint to call. - targetUrl?: NullableOption; + eventDetail?: NullableOption; + // Information about the sender of the message. + from?: NullableOption; + // If set to true, the original message has been deleted. + isDeleted?: NullableOption; + // The type of chat message. The possible values are: message, unknownFutureValue, systemEventMessage. + messageType?: ChatMessageType; } -export interface AuthenticationEventListener extends Entity { - // The identifier of the authenticationEventsFlow object. - authenticationEventsFlowId?: NullableOption; - // The conditions on which this authenticationEventListener should trigger. - conditions?: NullableOption; - // The priority of this handler. Between 0 (lower priority) and 1000 (higher priority). - priority?: number; +export interface ChecklistItem extends Entity { + // The date and time when the checklistItem was finished. + checkedDateTime?: NullableOption; + // The date and time when the checklistItem was created. + createdDateTime?: string; + // Indicates the title of the checklistItem. + displayName?: NullableOption; + // State that indicates whether the item is checked off or not. + isChecked?: NullableOption; } -export interface AuthenticationEventsFlow extends Entity { - /** - * The conditions representing the context of the authentication request that will be used to decide whether the events - * policy will be invoked. - */ - conditions?: NullableOption; - // The description of the events policy. - description?: NullableOption; - // Required. The display name for the events policy. - displayName?: string; +export interface ChromeOSOnboardingSettings extends Entity { + // The ChromebookTenant's LastDirectorySyncDateTime + lastDirectorySyncDateTime?: NullableOption; + // The ChromebookTenant's LastModifiedDateTime + lastModifiedDateTime?: string; /** - * The priority to use for each individual event of the events policy. If multiple competing listeners for an event have - * the same priority, one is chosen and an error is silently logged. Defaults to 500. + * The ChromebookTenant's OnboardingStatus. Possible values are: unknown, inprogress, onboarded, failed, offboarding, + * unknownFutureValue. */ - priority?: number; + onboardingStatus?: OnboardingStatus; + // The ChromebookTenant's OwnerUserPrincipalName + ownerUserPrincipalName?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface IdentityUserFlow extends Entity { - userFlowType?: UserFlowType; - userFlowTypeVersion?: number; +// tslint:disable-next-line: no-empty-interface +export interface ClaimsMappingPolicy extends StsPolicy {} +export interface ClassificationJobResponse extends JobResponseBase { + result?: NullableOption; } -export interface B2cIdentityUserFlow extends IdentityUserFlow { - /** - * Configuration for enabling an API connector for use as part of the user flow. You can only obtain the value of this - * object using Get userFlowApiConnectorConfiguration. - */ - apiConnectorConfiguration?: NullableOption; - /** - * Indicates the default language of the b2cIdentityUserFlow that is used when no ui_locale tag is specified in the - * request. This field is RFC 5646 compliant. - */ - defaultLanguageTag?: NullableOption; +export interface CloudAppSecurityProfile extends Entity { + azureSubscriptionId?: NullableOption; + azureTenantId?: NullableOption; + createdDateTime?: NullableOption; + deploymentPackageUrl?: NullableOption; + destinationServiceName?: NullableOption; + isSigned?: NullableOption; + lastModifiedDateTime?: NullableOption; + manifest?: NullableOption; + name?: NullableOption; + permissionsRequired?: NullableOption; + platform?: NullableOption; + policyName?: NullableOption; + publisher?: NullableOption; + riskScore?: NullableOption; + tags?: NullableOption; + type?: NullableOption; + vendorInformation?: NullableOption; +} +export interface CloudClipboardItem extends Entity { + // Set by the server. DateTime in UTC when the object was created on the server. + createdDateTime?: string; /** - * The property that determines whether language customization is enabled within the B2C user flow. Language customization - * is not enabled by default for B2C user flows. + * Set by the server. DateTime in UTC when the object expires and after that the object is no longer available. The + * default and also maximum TTL is 12 hours after the creation, but it might change for performance optimization. */ - isLanguageCustomizationEnabled?: boolean; - identityProviders?: NullableOption; + expirationDateTime?: string; + // Set by the server if not provided in the client's request. DateTime in UTC when the object was modified by the client. + lastModifiedDateTime?: NullableOption; /** - * The languages supported for customization within the user flow. Language customization is not enabled by default in B2C - * user flows. + * A cloudClipboardItem can have multiple cloudClipboardItemPayload objects in the payloads. A window can place more than + * one clipboard object on the clipboard. Each one represents the same information in a different clipboard format. */ - languages?: NullableOption; - // The user attribute assignments included in the user flow. - userAttributeAssignments?: NullableOption; - userFlowIdentityProviders?: NullableOption; + payloads?: CloudClipboardItemPayload[]; } -export interface B2xIdentityUserFlow extends IdentityUserFlow { +export interface CloudClipboardRoot extends Entity { + // Represents a collection of Cloud Clipboard items. + items?: NullableOption; +} +export interface CloudCommunications { + callRecords?: NullableOption; + calls?: NullableOption; + onlineMeetings?: NullableOption; + presences?: NullableOption; +} +export interface CloudPC extends Entity { + // The Microsoft Entra device ID of the Cloud PC. + aadDeviceId?: NullableOption; + connectionSettings?: NullableOption; /** - * Configuration for enabling an API connector for use as part of the self-service sign-up user flow. You can only obtain - * the value of this object using Get userFlowApiConnectorConfiguration. + * The connectivity health check result of a Cloud PC, including the updated timestamp and whether the Cloud PC can be + * connected. */ - apiConnectorConfiguration?: NullableOption; - identityProviders?: NullableOption; + connectivityResult?: NullableOption; + disasterRecoveryCapability?: NullableOption; /** - * The languages supported for customization within the user flow. Language customization is enabled by default in - * self-service sign-up user flow. You can't create custom languages in self-service sign-up user flows. + * The disk encryption applied to the Cloud PC. Possible values: notAvailable, notEncrypted, + * encryptedUsingPlatformManagedKey, encryptedUsingCustomerManagedKey, and unknownFutureValue. */ - languages?: NullableOption; - // The user attribute assignments included in the user flow. - userAttributeAssignments?: NullableOption; - userFlowIdentityProviders?: NullableOption; -} -// tslint:disable-next-line: no-empty-interface -export interface CustomAuthenticationExtension extends CustomCalloutExtension {} -// tslint:disable-next-line: interface-name -export interface IdentityUserFlowAttribute extends Entity { + diskEncryptionState?: NullableOption; + // The display name of the Cloud PC. + displayName?: NullableOption; /** - * The data type of the user flow attribute. This can't be modified after the custom user flow attribute is created. The - * supported values for dataType are: string , boolean , int64 , stringCollection , dateTime, unknownFutureValue. Supports - * $filter (eq, ne). + * The date and time when the grace period ends and reprovisioning or deprovisioning happen. Required only if the status + * is inGracePeriod. The timestamp is shown in ISO 8601 format and Coordinated Universal Time (UTC). For example, midnight + * UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - dataType?: IdentityUserFlowAttributeDataType; - // The description of the user flow attribute that's shown to the user at the time of sign-up. - description?: NullableOption; - // The display name of the user flow attribute. Supports $filter (eq, ne). - displayName?: NullableOption; + gracePeriodEndDateTime?: NullableOption; + // Name of the OS image that's on the Cloud PC. + imageDisplayName?: NullableOption; + // The last login result of the Cloud PC. For example, { 'time': '2014-01-01T00:00:00Z'}. + lastLoginResult?: NullableOption; /** - * The type of the user flow attribute. This is a read-only attribute that is automatically set. Depending on the type of - * attribute, the values for this property are builtIn, custom, required, unknownFutureValue. Supports $filter (eq, ne). + * The last modified date and time of the Cloud PC. The Timestamp type represents date and time information using ISO 8601 + * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - userFlowAttributeType?: IdentityUserFlowAttributeType; -} -export interface ContinuousAccessEvaluationPolicy extends Entity { + lastModifiedDateTime?: string; /** - * Continuous access evaluation automatically blocks access to resources and applications in near real time when a user's - * access is removed or a client IP address changes. Read-only. + * The last remote action result of the enterprise Cloud PCs. The supported remote actions are: Reboot, Rename, + * Reprovision, Restore, Troubleshoot. */ - description?: string; - // The value is always Continuous Access Evaluation. Read-only. - displayName?: string; + lastRemoteActionResult?: NullableOption; + // The Intune device ID of the Cloud PC. + managedDeviceId?: NullableOption; + // The Intune device name of the Cloud PC. + managedDeviceName?: NullableOption; + // The Azure network connection that is applied during the provisioning of Cloud PCs. + onPremisesConnectionName?: NullableOption; /** - * The collection of group identifiers in scope for evaluation. All groups are in scope when the collection is empty. - * Read-only. + * The version of the operating system (OS) to provision on Cloud PCs. Possible values are: windows10, windows11, + * unknownFutureValue. */ - groups?: string[]; - // true to indicate whether continuous access evaluation should be performed; otherwise false. Read-only. - isEnabled?: boolean; + osVersion?: NullableOption; + // The results of every partner agent's installation status on Cloud PC. + partnerAgentInstallResults?: NullableOption; /** - * true to indicate that the continuous access evaluation policy settings should be or has been migrated to the - * conditional access policy. + * The power state of a Cloud PC. The possible values are: running, poweredOff, unknown. This property only supports shift + * work Cloud PCs. */ - migrate?: boolean; + powerState?: NullableOption; + // The provisioning policy ID of the Cloud PC. + provisioningPolicyId?: NullableOption; + // The provisioning policy that is applied during the provisioning of Cloud PCs. + provisioningPolicyName?: NullableOption; /** - * The collection of user identifiers in scope for evaluation. All users are in scope when the collection is empty. - * Read-only. + * The type of licenses to be used when provisioning Cloud PCs using this policy. Possible values are: dedicated, shared, + * unknownFutureValue. Default value is dedicated. */ - users?: string[]; -} -export interface AppScope extends Entity { + provisioningType?: NullableOption; + scopeIds?: NullableOption; + // The service plan ID of the Cloud PC. + servicePlanId?: NullableOption; + // The service plan name of the Cloud PC. + servicePlanName?: NullableOption; + // The service plan type of the Cloud PC. + servicePlanType?: NullableOption; /** - * Provides the display name of the app-specific resource represented by the app scope. Provided for display purposes - * since appScopeId is often an immutable, non-human-readable id. This property is read only. + * The status of the Cloud PC. Possible values are: notProvisioned, provisioning, provisioned, inGracePeriod, + * deprovisioning, failed, provisionedWithWarnings, resizing, restoring, pendingProvision, unknownFutureValue, + * movingRegion, resizePendingLicense. Note that you must use the Prefer: include-unknown-enum-members request header to + * get the following values from this evolvable enum: movingRegion, resizePendingLicense. */ - displayName?: NullableOption; + status?: CloudPcStatus; + // The details of the Cloud PC status. + statusDetails?: NullableOption; /** - * Describes the type of app-specific resource represented by the app scope and is provided for display purposes, so a - * user interface can convey to the user the kind of app specific resource represented by the app scope. This property is - * read only. + * The account type of the user on provisioned Cloud PCs. Possible values are: standardUser, administrator, + * unknownFutureValue. */ - type?: NullableOption; + userAccountType?: NullableOption; + // The user principal name (UPN) of the user assigned to the Cloud PC. + userPrincipalName?: NullableOption; } export interface CloudPcAuditEvent extends Entity { // Friendly name of the activity. Optional. activity?: NullableOption; // The date time in UTC when the activity was performed. Read-only. activityDateTime?: string; - // The HTTP operation type of the activity. Possible values include create, delete, patch and other. Read-only. + /** + * The HTTP operation type of the activity. Possible values include create, delete, patch and unknownFutureValue. + * Read-only. + */ activityOperationType?: CloudPcAuditActivityOperationType; - // The result of the activity. Read-only. + /** + * The result of the activity. Possible values include success, clientError, failure, timeout and unknownFutureValue. + * Read-only. + */ activityResult?: CloudPcAuditActivityResult; - // The type of activity that was performed. Read-only. + // The type of the activity that was performed. Read-only. activityType?: string; // Microsoft Entra user and application associated with the audit event. Read-only. actor?: CloudPcAuditActor; - // Audit category. Read-only. + // Audit category. Possible values include cloudPC and unknownFutureValue. Read-only. category?: CloudPcAuditCategory; // Component name. Read-only. componentName?: string; - // The client request identifier, used to correlate activity within the system. Read-only. + // The client request ID that is used to correlate activity within the system. Read-only. correlationId?: string; // Event display name. Read-only. displayName?: string; @@ -12172,6 +12717,14 @@ export interface CloudPcBulkAction extends Entity { cloudPcIds?: string[]; createdDateTime?: NullableOption; displayName?: string; + scheduledDuringMaintenanceWindow?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface CloudPcBulkDisasterRecoveryFailback extends CloudPcBulkAction {} +// tslint:disable-next-line: no-empty-interface +export interface CloudPcBulkDisasterRecoveryFailover extends CloudPcBulkAction {} +export interface CloudPcBulkModifyDiskEncryptionType extends CloudPcBulkAction { + diskEncryptionType?: CloudPcDiskEncryptionType; } // tslint:disable-next-line: no-empty-interface export interface CloudPcBulkPowerOff extends CloudPcBulkAction {} @@ -12190,6 +12743,20 @@ export interface CloudPcBulkRestore extends CloudPcBulkAction { } // tslint:disable-next-line: no-empty-interface export interface CloudPcBulkTroubleshoot extends CloudPcBulkAction {} +export interface CloudPCConnectivityIssue extends Entity { + // The Intune DeviceId of the device the connection is associated with. + deviceId?: NullableOption; + // The error code of the connectivity issue. + errorCode?: NullableOption; + // The time that the connection initiated. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. + errorDateTime?: string; + // The detailed description of what went wrong. + errorDescription?: NullableOption; + // The recommended action to fix the corresponding error. + recommendedAction?: NullableOption; + // The unique id of user who initialize the connection. + userId?: NullableOption; +} export interface CloudPcCrossCloudGovernmentOrganizationMapping extends Entity { /** * The tenant ID in the Azure Government cloud corresponding to the GCC tenant in the public cloud. Currently, 1:1 @@ -12198,35 +12765,47 @@ export interface CloudPcCrossCloudGovernmentOrganizationMapping extends Entity { organizationIdsInUSGovCloud?: NullableOption; } export interface CloudPcDeviceImage extends Entity { - // The display name of the image. + /** + * The display name of the associated device image. The device image display name and the version are used to uniquely + * identify the Cloud PC device image. Read-only. + */ displayName?: NullableOption; - // The date the image became unavailable. + /** + * The error code of the status of the image that indicates why the upload failed, if applicable. Possible values are: + * internalServerError, sourceImageNotFound, osVersionNotSupported, sourceImageInvalid, sourceImageNotGeneralized, + * unknownFutureValue, vmAlreadyAzureAdJoined, paidSourceImageNotSupport, sourceImageNotSupportCustomizeVMName, + * sourceImageSizeExceedsLimitation. Note that you must use the Prefer: include-unknown-enum-members request header to get + * the following values from this evolvable enum: vmAlreadyAzureAdJoined, paidSourceImageNotSupport, + * sourceImageNotSupportCustomizeVMName, sourceImageSizeExceedsLimitation. Read-only. + */ + errorCode?: NullableOption; + // The date when the image became unavailable. Read-only. expirationDate?: NullableOption; /** - * The data and time that the image was last modified. The time is shown in ISO 8601 format and Coordinated Universal Time - * (UTC) time. For example, midnight UTC on Jan 1, 2014 appears as 2014-01-01T00:00:00Z. + * The data and time when the image was last modified. The timestamp represents date and time information using ISO 8601 + * format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ lastModifiedDateTime?: NullableOption; - // The operating system of the image. For example, Windows 10 Enterprise. + // The operating system of the image. For example, Windows 10 Enterprise. Read-only. operatingSystem?: NullableOption; - // The OS build version of the image. For example, 1909. + // The OS build version of the image. For example, 1909. Read-only. osBuildNumber?: NullableOption; - // The OS status of this image. Possible values are: supported, supportedWithWarning, unknownFutureValue. + /** + * The OS status of this image. Possible values are: supported, supportedWithWarning, unknown, unknownFutureValue. The + * default value is unknown. Read-only. + */ osStatus?: NullableOption; scopeIds?: NullableOption; /** - * The ID of the source image resource on Azure. Required format: - * /subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}. + * The unique identifier (ID) of the source image resource on Azure. The required ID format is: + * '/subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Compute/images/{imageName}'. + * Read-only. */ sourceImageResourceId?: NullableOption; - // The status of the image on Cloud PC. Possible values are: pending, ready, failed. + // The status of the image on the Cloud PC. Possible values are: pending, ready, failed, unknownFutureValue. Read-only. status?: NullableOption; - /** - * The details of the status of the image that indicates why the upload failed, if applicable. Possible values are: - * internalServerError, sourceImageNotFound, osVersionNotSupported, sourceImageInvalid, and sourceImageNotGeneralized. - */ statusDetails?: NullableOption; - // The image version. For example, 0.0.1 and 1.5.13. + // The image version. For example, 0.0.1 and 1.5.13. Read-only. version?: NullableOption; } export interface CloudPcExportJob extends Entity { @@ -12248,10 +12827,10 @@ export interface CloudPcExportJob extends Entity { * totalAggregatedRemoteConnectionReports, sharedUseLicenseUsageReport, sharedUseLicenseUsageRealTimeReport, * unknownFutureValue, noLicenseAvailableConnectivityFailureReport, frontlineLicenseUsageReport, * frontlineLicenseUsageRealTimeReport, remoteConnectionQualityReports, inaccessibleCloudPcReports, - * rawRemoteConnectionReports. You must use the Prefer: include-unknown-enum-members request header to get the following - * value(s) in this evolvable enum: noLicenseAvailableConnectivityFailureReport, frontlineLicenseUsageReport, - * frontlineLicenseUsageRealTimeReport, remoteConnectionQualityReports, inaccessibleCloudPcReports, - * rawRemoteConnectionReports. + * rawRemoteConnectionReports, cloudPcUsageCategoryReports. You must use the Prefer: include-unknown-enum-members request + * header to get the following value(s) in this evolvable enum: noLicenseAvailableConnectivityFailureReport, + * frontlineLicenseUsageReport, frontlineLicenseUsageRealTimeReport, remoteConnectionQualityReports, + * inaccessibleCloudPcReports, rawRemoteConnectionReports, cloudPcUsageCategoryReports. */ reportName?: NullableOption; // The date and time when the export job was requested. @@ -12282,6 +12861,7 @@ export interface CloudPcExternalPartnerSetting extends Entity { statusDetails?: NullableOption; } export interface CloudPcFrontLineServicePlan extends Entity { + allotmentLicensesCount?: NullableOption; /** * The display name of the front-line service plan. For example, 2vCPU/8GB/128GB Front-line or 4vCPU/16GB/256GB * Front-line. @@ -12293,34 +12873,39 @@ export interface CloudPcFrontLineServicePlan extends Entity { usedCount?: NullableOption; } export interface CloudPcGalleryImage extends Entity { - // The official display name of the gallery image. Read-only. + // The display name of this gallery image. For example, Windows 11 Enterprise + Microsoft 365 Apps 22H2. Read-only. displayName?: NullableOption; /** - * The date in which this image is no longer within long-term support. The Cloud PC continues to provide short-term - * support. Read-only. + * The date when the status of image becomes supportedWithWarning. Users can still provision new Cloud PCs if the current + * time is later than endDate and earlier than expirationDate. For example, assume the endDate of a gallery image is + * 2023-9-14 and expirationDate is 2024-3-14, users are able to provision new Cloud PCs if today is 2023-10-01. Read-only. */ endDate?: NullableOption; - // The date when the image is no longer available. Read-only. + /** + * The date when the image is no longer available. Users are unable to provision new Cloud PCs if the current time is + * later than expirationDate. The value is usually endDate plus six months. For example, if the startDate is 2025-10-14, + * the expirationDate is usually 2026-04-14. Read-only. + */ expirationDate?: NullableOption; - // The offer name of the gallery image. This value is passed to Azure to get the image resource. Read-only. offer?: NullableOption; - // The official display offer name of the gallery image. For example, Windows 10 Enterprise + OS Optimizations. Read-only. offerDisplayName?: NullableOption; - // The publisher name of the gallery image. This value is passed to Azure to get the image resource. Read-only. + // The offer name of this gallery image that is passed to ARM to retrieve the image resource. Read-only. + offerName?: NullableOption; publisher?: NullableOption; - // Recommended Cloud PC SKU for this gallery image. Read-only. + // The publisher name of this gallery image that is passed to ARM to retrieve the image resource. Read-only. + publisherName?: NullableOption; recommendedSku?: NullableOption; - // The size of this image in gigabytes. Read-only. + // Indicates the size of this image in gigabytes. For example, 64. Read-only. sizeInGB?: NullableOption; - // The SKU name of the gallery image. This value is passed to Azure to get the image resource. Read-only. sku?: NullableOption; - // The official display stock keeping unit (SKU) name of this gallery image. For example, 2004. Read-only. skuDisplayName?: NullableOption; - // The date when the image becomes available. Read-only. + // The SKU name of this image that is passed to ARM to retrieve the image resource. Read-only. + skuName?: NullableOption; + // The date when the Cloud PC image is available for provisioning new Cloud PCs. For example, 2022-09-20. Read-only. startDate?: NullableOption; /** * The status of the gallery image on the Cloud PC. Possible values are: supported, supportedWithWarning, notSupported, - * unknownFutureValue. Read-only. + * unknownFutureValue. The default value is supported. Read-only. */ status?: NullableOption; } @@ -12339,14 +12924,30 @@ export interface CloudPcOnPremisesConnection extends Entity { * $select. */ alternateResourceUrl?: NullableOption; + /** + * Specifies the method by which a provisioned Cloud PC is joined to Microsoft Entra. The azureADJoin option indicates the + * absence of an on-premises Active Directory (AD) in the current tenant that results in the Cloud PC device only joining + * to Microsoft Entra. The hybridAzureADJoin option indicates the presence of an on-premises AD in the current tenant and + * that the Cloud PC joins both the on-premises AD and Microsoft Entra. The selected option also determines the types of + * users who can be assigned and can sign into a Cloud PC. The azureADJoin option allows both cloud-only and hybrid users + * to be assigned and sign in, whereas hybridAzureADJoin is restricted to hybrid users only. The default value is + * hybridAzureADJoin. The possible values are: hybridAzureADJoin, azureADJoin, unknownFutureValue. + */ + connectionType?: NullableOption; // The display name for the Azure network connection. displayName?: string; /** - * The status of the most recent health check done on the Azure network connection. For example, if status is passed, the - * Azure network connection has passed all checks run by the service. Possible values are: pending, running, passed, + * The status of the most recent health check done on the Azure network connection. For example, if the status is passed, + * the Azure network connection passed all checks run by the service. Possible values are: pending, running, passed, * failed, warning, informational, unknownFutureValue. Read-only. */ healthCheckStatus?: CloudPcOnPremisesConnectionStatus; + /** + * Indicates the results of health checks performed on the on-premises connection. Returned only on $select. For an + * example that shows how to get the inUse property, see Example 2: Get the selected properties of an Azure network + * connection, including healthCheckStatusDetails. Read-only. + */ + healthCheckStatusDetail?: NullableOption; /** * The details of the connection's health checks and the corresponding results. Returned only on $select. For an example * that shows how to get the inUse property, see Example 2: Get the selected properties of an Azure network connection, @@ -12381,21 +12982,17 @@ export interface CloudPcOnPremisesConnection extends Entity { * /subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkId}/subnets/{subnetName}. */ subnetId?: string; - // The ID of the target Azure subscription that’s associated with your tenant. + // The ID of the target Azure subscription associated with your tenant. subscriptionId?: string; // The name of the target Azure subscription. Read-only. subscriptionName?: NullableOption; - /** - * Specifies how the provisioned Cloud PC is joined to Microsoft Entra ID. Default value is hybridAzureADJoin. Possible - * values are: azureADJoin, hybridAzureADJoin, unknownFutureValue. - */ type?: NullableOption; /** * The ID of the target virtual network. Required format: * /subscriptions/{subscription-id}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/virtualNetworks/{virtualNetworkName}. */ virtualNetworkId?: string; - // Indicates resource location of the virtual target network. Read-only, computed value. + // Indicates the resource location of the virtual target network. Read-only, computed value. virtualNetworkLocation?: NullableOption; } export interface CloudPcOrganizationSettings extends Entity { @@ -12432,1994 +13029,2012 @@ export interface CloudPcProvisioningPolicy extends Entity { // The display name of the Cloud PC group that the Cloud PCs reside in. Read-only. cloudPcGroupDisplayName?: NullableOption; /** - * The template used to name Cloud PCs provisioned using this policy. This can contain custom text and replacement tokens, - * including %USERNAME:x% and %RAND:x%, which represent the user's name and a randomly generated number, respectively. For - * example, 'CPC-%USERNAME:4%-%RAND:5%' means that the Cloud PC's name will start with 'CPC-', have a four-character - * username in the middle followed by a '-' character, and end with five random characters. The total length of the text - * generated by the template can be no more than 15 characters. Supports $filter, $select, $orderby. + * The template used to name Cloud PCs provisioned using this policy. The template can contain custom text and replacement + * tokens, including %USERNAME:x% and %RAND:x%, which represent the user's name and a randomly generated number, + * respectively. For example, CPC-%USERNAME:4%-%RAND:5% means that the name of the Cloud PC starts with CPC-, followed by + * a four-character username, a - character, and then five random characters. The total length of the text generated by + * the template can't exceed 15 characters. Supports $filter, $select, and $orderby. */ cloudPcNamingTemplate?: NullableOption; - // The provisioning policy description. + // The provisioning policy description. Supports $filter, $select, and $orderBy. description?: NullableOption; // The display name for the provisioning policy. - displayName?: NullableOption; - // Specifies how Cloud PCs will join Microsoft Entra ID. + displayName?: string; domainJoinConfiguration?: NullableOption; + // Specifies a list ordered by priority on how Cloud PCs join Microsoft Entra ID (Azure AD). Supports $select. domainJoinConfigurations?: NullableOption; /** * True if the provisioned Cloud PC can be accessed by single sign-on. False indicates that the provisioned Cloud PC - * doesn't support this feature. Default value is false. Windows 365 users can use single sign-on to authenticate to + * doesn't support this feature. The default value is false. Windows 365 users can use single sign-on to authenticate to * Microsoft Entra ID with passwordless options (for example, FIDO keys) to access their Cloud PC. Optional. */ enableSingleSignOn?: NullableOption; // The number of hours to wait before reprovisioning/deprovisioning happens. Read-only. gracePeriodInHours?: NullableOption; - // The display name for the OS image you’re provisioning. - imageDisplayName?: NullableOption; /** - * The ID of the OS image you want to provision on Cloud PCs. The format for a gallery type image is: {publisheroffersku}. - * Supported values for each of the parameters are as follows:publisher: Microsoftwindowsdesktop. offer: windows-ent-cpc. - * sku: 21h1-ent-cpc-m365, 21h1-ent-cpc-os, 20h2-ent-cpc-m365, 20h2-ent-cpc-os, 20h1-ent-cpc-m365, 20h1-ent-cpc-os, - * 19h2-ent-cpc-m365 and 19h2-ent-cpc-os. + * The display name of the operating system image that is used for provisioning. For example, Windows 11 Preview + + * Microsoft 365 Apps 23H2 23H2. Supports $filter, $select, and $orderBy. + */ + imageDisplayName?: string; + /** + * The unique identifier that represents an operating system image that is used for provisioning new Cloud PCs. The format + * for a gallery type image is: {publisherNameofferNameskuName}. Supported values for each of the parameters + * are:publisher: Microsoftwindowsdesktop offer: windows-ent-cpc sku: 21h1-ent-cpc-m365, 21h1-ent-cpc-os, + * 20h2-ent-cpc-m365, 20h2-ent-cpc-os, 20h1-ent-cpc-m365, 20h1-ent-cpc-os, 19h2-ent-cpc-m365, and 19h2-ent-cpc-os Supports + * $filter, $select, and $orderBy. + */ + imageId?: string; + /** + * The type of operating system image (custom or gallery) that is used for provisioning on Cloud PCs. Possible values are: + * gallery, custom. The default value is gallery. Supports $filter, $select, and $orderBy. */ - imageId?: NullableOption; - // The type of OS image (custom or gallery) you want to provision on Cloud PCs. Possible values are: gallery, custom. imageType?: CloudPcProvisioningPolicyImageType; /** - * Indicates whether the local admin option is enabled. If the local admin option is enabled, the end user can be an admin - * of the Cloud PC device. Read-only. + * When true, the local admin is enabled for Cloud PCs; false indicates that the local admin isn't enabled for Cloud PCs. + * The default value is false. Supports $filter, $select, and $orderBy. */ localAdminEnabled?: NullableOption; /** - * Specifies which services manage the Azure network connection. Possible values are: windows365, devBox, - * unknownFutureValue, rpaBox. Note that you must use the Prefer: include-unknown-enum-members request header to get the - * following value(s) in this evolvable enum: rpaBox. Read-only. + * Indicates the service that manages the provisioning policy. Possible values are: windows365, devBox, + * unknownFutureValue, rpaBox. The default value is windows365. Note that you must use the Prefer: + * include-unknown-enum-members request header to get the following value in this evolvable enum: rpaBox. Supports + * $filter, $select, and $orderBy. */ managedBy?: CloudPcManagementService; /** - * The specific settings for the Microsoft Managed Desktop, which enables customers to get a managed device experience for - * the Cloud PC. Before you can enable Microsoft Managed Desktop, an admin must configure it. + * The specific settings to microsoftManagedDesktop that enables Microsoft Managed Desktop customers to get device managed + * experience for Cloud PC. To enable microsoftManagedDesktop to provide more value, an admin needs to specify certain + * settings in it. Supports $filter, $select, and $orderBy. + */ + microsoftManagedDesktop?: NullableOption; + onPremisesConnectionId?: NullableOption; + /** + * Specifies the type of license used when provisioning Cloud PCs using this policy. By default, the license type is + * dedicated if the provisioningType isn't specified when you create the cloudPcProvisioningPolicy. You can't change this + * property after the cloudPcProvisioningPolicy was created. Possible values are: dedicated, shared, unknownFutureValue. + */ + provisioningType?: NullableOption; + scopeIds?: NullableOption; + /** + * Indicates a specific Windows setting to configure during the creation of Cloud PCs for this provisioning policy. + * Supports $select. + */ + windowsSetting?: NullableOption; + windowsSettings?: NullableOption; + /** + * A defined collection of provisioning policy assignments. Represents the set of Microsoft 365 groups and security groups + * in Microsoft Entra ID that have provisioning policy assigned. Returned only on $expand. For an example about how to get + * the assignments relationship, see Get cloudPcProvisioningPolicy. + */ + assignments?: NullableOption; +} +export interface CloudPcProvisioningPolicyAssignment extends Entity { + /** + * The assignment target for the provisioning policy. Currently, the only target supported for this policy is a user + * group. For details, see cloudPcManagementGroupAssignmentTarget. + */ + target?: NullableOption; + /** + * The assignment targeted users for the provisioning policy. This list of users is computed based on assignments, + * licenses, group memberships, and policies. This property is read-only. Supports$expand. + */ + assignedUsers?: NullableOption; +} +export interface CloudPcReports extends Entity { + // The export jobs created for downloading reports. + exportJobs?: NullableOption; +} +export interface CloudPcServicePlan extends Entity { + // The name for the service plan. Read-only. + displayName?: string; + /** + * Specifies the type of license used when provisioning Cloud PCs. By default, the license type is dedicated. Possible + * values are: dedicated, shared, unknownFutureValue. + */ + provisioningType?: NullableOption; + // The size of the RAM in GB. Read-only. + ramInGB?: number; + // The size of the OS Disk in GB. Read-only. + storageInGB?: number; + /** + * The supported service or solution for the region. The possible values are: windows365, devBox, rpaBox, + * unknownFutureValue. Read-only. + */ + supportedSolution?: CloudPcManagementService; + // The type of the service plan. Possible values are: enterprise, business, unknownFutureValue. Read-only. + type?: NullableOption; + // The size of the user profile disk in GB. Read-only. + userProfileInGB?: number; + // The number of vCPUs. Read-only. + vCpuCount?: number; +} +export interface CloudPcSharedUseServicePlan extends Entity { + // The display name of the shared-use service plan. + displayName?: NullableOption; + // Total number of shared-use service plans purchased by the customer. + totalCount?: NullableOption; + // The number of service plans that the account uses. + usedCount?: NullableOption; +} +export interface CloudPcSnapshot extends Entity { + // The unique identifier for the Cloud PC. + cloudPcId?: string; + /** + * The date and time at which the snapshot was taken. The timestamp is shown in ISO 8601 format and Coordinated Universal + * Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + */ + createdDateTime?: NullableOption; + /** + * The date and time when the snapshot expires. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) + * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + */ + expirationDateTime?: NullableOption; + /** + * The date and time at which the snapshot was last used to restore the Cloud PC device. The timestamp is shown in ISO + * 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + */ + lastRestoredDateTime?: NullableOption; + /** + * The type of snapshot that indicates how to create the snapshot. Possible values are automatic, manual. Default value is + * automatic. + */ + snapshotType?: NullableOption; + // The status of the Cloud PC snapshot. The possible values are: ready, unknownFutureValue. + status?: NullableOption; +} +export interface CloudPcSupportedRegion extends Entity { + // The name for the supported region. Read-only. + displayName?: string; + /** + * The geographic group this region belongs to. Multiple regions can belong to one region group. For example, the + * europeUnion region group contains the Northern Europe and Western Europe regions. A customer can select a region group + * when provisioning a Cloud PC; however, the Cloud PC is put under one of the regions under the group based on resource + * capacity. The region with more quota is chosen. Possible values are: default, australia, canada, usCentral, usEast, + * usWest, france, germany, europeUnion, unitedKingdom, japan, asia, india, southAmerica, euap, usGovernment, + * usGovernmentDOD, unknownFutureValue, norway, switzerland,southKorea. You must use the Prefer: + * include-unknown-enum-members request header to get the following value(s) in this evolvable enum: norway, + * switzerland,southKorea. Read-only. + */ + regionGroup?: CloudPcRegionGroup; + /** + * The status of the supported region. Possible values are: available, restricted, unavailable, unknownFutureValue. + * Read-only. + */ + regionStatus?: NullableOption; + /** + * The supported service or solution for the region. The possible values are: windows365, devBox, unknownFutureValue, + * rpaBox. You must use the Prefer: include-unknown-enum-members request header to get the following value or values in + * this evolvable enum: rpaBox. Read-only. + */ + supportedSolution?: CloudPcManagementService; +} +export interface CloudPcUserSetting extends Entity { + /** + * The date and time the setting was created. The timestamp type represents the date and time information using ISO 8601 + * format and is always in UTC. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. + */ + createdDateTime?: NullableOption; + crossRegionDisasterRecoverySetting?: NullableOption; + // The setting name displayed in the user interface. + displayName?: NullableOption; + /** + * The last date and time the setting was modified. The timestamp type represents the date and time information using ISO + * 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. + */ + lastModifiedDateTime?: NullableOption; + /** + * Indicates whether the local admin option is enabled. Default value is false. To enable the local admin option, change + * the setting to true. If the local admin option is enabled, the end user can be an admin of the Cloud PC device. + */ + localAdminEnabled?: NullableOption; + /** + * Indicates whether an end user is allowed to reset their Cloud PC. When true, the user is allowed to reset their Cloud + * PC. When false, end-user initiated reset is not allowed. The default value is false. + */ + resetEnabled?: NullableOption; + /** + * Defines how frequently a restore point is created that is, a snapshot is taken) for users' provisioned Cloud PCs + * (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific + * point in time. + */ + restorePointSetting?: NullableOption; + selfServiceEnabled?: NullableOption; + /** + * Represents the set of Microsoft 365 groups and security groups in Microsoft Entra ID that have cloudPCUserSetting + * assigned. Returned only on $expand. For an example, see Get cloudPcUserSettingample. + */ + assignments?: NullableOption; +} +export interface CloudPcUserSettingAssignment extends Entity { + /** + * The date and time this assignment was created. The Timestamp type represents the date and time information using ISO + * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: + * '2014-01-01T00:00:00Z'. + */ + createdDateTime?: NullableOption; + /** + * The assignment target for the user setting. Currently, the only target supported for this user setting is a user group. + * For details, see cloudPcManagementGroupAssignmentTarget. + */ + target?: NullableOption; +} +export interface ColumnDefinition extends Entity { + // This column stores boolean values. + boolean?: NullableOption; + // This column's data is calculated based on other columns. + calculated?: NullableOption; + // This column stores data from a list of choices. + choice?: NullableOption; + // For site columns, the name of the group this column belongs to. Helps organize related columns. + columnGroup?: NullableOption; + // This column stores content approval status. + contentApprovalStatus?: NullableOption; + // This column stores currency values. + currency?: NullableOption; + // This column stores DateTime values. + dateTime?: NullableOption; + // The default value for this column. + defaultValue?: NullableOption; + // The user-facing description of the column. + description?: NullableOption; + // The user-facing name of the column. + displayName?: NullableOption; + // If true, no two list items may have the same value for this column. + enforceUniqueValues?: NullableOption; + // This column stores a geolocation. + geolocation?: NullableOption; + // Specifies whether the column is displayed in the user interface. + hidden?: NullableOption; + // This column stores hyperlink or picture values. + hyperlinkOrPicture?: NullableOption; + // Specifies whether the column values can used for sorting and searching. + indexed?: NullableOption; + // Indicates whether this column can be deleted. + isDeletable?: NullableOption; + // Indicates whether values in the column can be reordered. Read-only. + isReorderable?: NullableOption; + // Specifies whether the column can be changed. + isSealed?: NullableOption; + // This column's data is looked up from another source in the site. + lookup?: NullableOption; + /** + * The API-facing name of the column as it appears in the [fields][] on a [listItem][]. For the user-facing name, see + * displayName. + */ + name?: NullableOption; + // This column stores number values. + number?: NullableOption; + // This column stores Person or Group values. + personOrGroup?: NullableOption; + // If true, changes to this column will be propagated to lists that implement the column. + propagateChanges?: NullableOption; + // Specifies whether the column values can be modified. + readOnly?: NullableOption; + // Specifies whether the column value isn't optional. + required?: NullableOption; + // ContentType from which this column is inherited from. Used only to fetch contentTypes columns. + sourceContentType?: NullableOption; + // This column stores taxonomy terms. + term?: NullableOption; + // This column stores text values. + text?: NullableOption; + // This column stores thumbnail values. + thumbnail?: NullableOption; + // For site columns, the type of column. Read-only. + type?: NullableOption; + // This column stores validation formula and message for the column. + validation?: NullableOption; + // The source column for content type column. + sourceColumn?: NullableOption; +} +export interface ColumnLink extends Entity { + // The name of the column in this content type. + name?: NullableOption; +} +export interface ComanagementEligibleDevice extends Entity { + /** + * ClientRegistrationStatus. Possible values are: notRegistered, registered, revoked, keyConflict, approvalPending, + * certificateReset, notRegisteredPendingEnrollment, unknown. + */ + clientRegistrationStatus?: DeviceRegistrationState; + // DeviceName + deviceName?: NullableOption; + /** + * DeviceType. Possible values are: desktop, windowsRT, winMO6, nokia, windowsPhone, mac, winCE, winEmbedded, iPhone, + * iPad, iPod, android, iSocConsumer, unix, macMDM, holoLens, surfaceHub, androidForWork, androidEnterprise, windows10x, + * androidnGMS, chromeOS, linux, blackberry, palm, unknown, cloudPC. + */ + deviceType?: DeviceType; + // EntitySource + entitySource?: number; + /** + * ManagementAgents. Possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, configurationManagerClient, + * configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, googleCloudDevicePolicyController, + * microsoft365ManagedMdm, msSense, intuneAosp, google, unknownFutureValue. + */ + managementAgents?: ManagementAgentType; + /** + * ManagementState. Possible values are: managed, retirePending, retireFailed, wipePending, wipeFailed, unhealthy, + * deletePending, retireIssued, wipeIssued, wipeCanceled, retireCanceled, discovered. + */ + managementState?: ManagementState; + // Manufacturer + manufacturer?: NullableOption; + // MDMStatus + mdmStatus?: NullableOption; + // Model + model?: NullableOption; + // OSDescription + osDescription?: NullableOption; + // OSVersion + osVersion?: NullableOption; + // OwnerType. Possible values are: unknown, company, personal. + ownerType?: OwnerType; + // ReferenceId + referenceId?: NullableOption; + // SerialNumber + serialNumber?: NullableOption; + /** + * ComanagementEligibleStatus. Possible values are: comanaged, eligible, eligibleButNotAzureAdJoined, needsOsUpdate, + * ineligible, scheduledForEnrollment, unknownFutureValue. + */ + status?: ComanagementEligibleType; + // UPN + upn?: NullableOption; + // UserEmail + userEmail?: NullableOption; + // UserId + userId?: NullableOption; + // UserName + userName?: NullableOption; +} +export interface Command extends Entity { + appServiceName?: NullableOption; + error?: NullableOption; + packageFamilyName?: NullableOption; + payload?: NullableOption; + permissionTicket?: NullableOption; + postBackUri?: NullableOption; + status?: NullableOption; + type?: NullableOption; + responsepayload?: NullableOption; +} +export interface CommsApplication { + calls?: NullableOption; + onlineMeetings?: NullableOption; +} +export interface CommsOperation extends Entity { + // Unique Client Context string. Max limit is 256 chars. + clientContext?: NullableOption; + // The result information. Read-only. + resultInfo?: NullableOption; + // Possible values are: notStarted, running, completed, failed. Read-only. + status?: OperationStatus; +} +export interface Community extends Entity { + // The description of the community. The maximum length is 1024 characters. + description?: string; + // The name of the community. The maximum length is 255 characters. + displayName?: string; + // The ID of the Microsoft 365 group that manages the membership of this community. + groupId?: NullableOption; + // Defines the privacy level of the community. The possible values are: public, private, unknownFutureValue. + privacy?: CommunityPrivacy; + // The Microsoft 365 group that manages the membership of this community. + group?: NullableOption; + /** + * The admins of the community. Limited to 100 users. If this property isn't specified when you create the community, the + * calling user is automatically assigned as the community owner. + */ + owners?: NullableOption; +} +export interface Company { + businessProfileId?: NullableOption; + displayName?: NullableOption; + id?: string; + name?: NullableOption; + systemVersion?: NullableOption; + accounts?: NullableOption; + agedAccountsPayable?: NullableOption; + agedAccountsReceivable?: NullableOption; + companyInformation?: NullableOption; + countriesRegions?: NullableOption; + currencies?: NullableOption; + customerPaymentJournals?: NullableOption; + customerPayments?: NullableOption; + customers?: NullableOption; + dimensions?: NullableOption; + dimensionValues?: NullableOption; + employees?: NullableOption; + generalLedgerEntries?: NullableOption; + itemCategories?: NullableOption; + items?: NullableOption; + journalLines?: NullableOption; + journals?: NullableOption; + paymentMethods?: NullableOption; + paymentTerms?: NullableOption; + picture?: NullableOption; + purchaseInvoiceLines?: NullableOption; + purchaseInvoices?: NullableOption; + salesCreditMemoLines?: NullableOption; + salesCreditMemos?: NullableOption; + salesInvoiceLines?: NullableOption; + salesInvoices?: NullableOption; + salesOrderLines?: NullableOption; + salesOrders?: NullableOption; + salesQuoteLines?: NullableOption; + salesQuotes?: NullableOption; + shipmentMethods?: NullableOption; + taxAreas?: NullableOption; + taxGroups?: NullableOption; + unitsOfMeasure?: NullableOption; + vendors?: NullableOption; +} +export interface CompanyInformation { + address?: NullableOption; + currencyCode?: NullableOption; + currentFiscalYearStartDate?: NullableOption; + displayName?: NullableOption; + email?: NullableOption; + faxNumber?: NullableOption; + id?: string; + industry?: NullableOption; + lastModifiedDateTime?: NullableOption; + phoneNumber?: NullableOption; + picture?: NullableOption; + taxRegistrationNumber?: NullableOption; + website?: NullableOption; +} +export interface CompanySubscription extends Entity { + // The ID of this subscription in the commerce system. Alternate key. + commerceSubscriptionId?: NullableOption; + /** + * The date and time when this subscription was created. The DateTimeOffset type represents date and time information + * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + */ + createdDateTime?: NullableOption; + // Whether the subscription is a free trial or purchased. + isTrial?: NullableOption; + /** + * The date and time when the subscription will move to the next state (as defined by the status property) if not renewed + * by the tenant. The DateTimeOffset type represents date and time information using ISO 8601 format and is always in UTC + * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + */ + nextLifecycleDateTime?: NullableOption; + ocpSubscriptionId?: NullableOption; + // The object ID of the account admin. + ownerId?: NullableOption; + // The unique identifier for the Microsoft partner tenant that created the subscription on a customer tenant. + ownerTenantId?: NullableOption; + // Indicates the entity that ownerId belongs to, for example, 'User'. + ownerType?: NullableOption; + // The provisioning status of each service that's included in this subscription. + serviceStatus?: ServicePlanInfo[]; + // The object ID of the SKU associated with this subscription. + skuId?: NullableOption; + // The SKU associated with this subscription. + skuPartNumber?: NullableOption; + // The status of this subscription. Possible values are: Enabled, Deleted, Suspended, Warning, LockedOut. + status?: NullableOption; + // The number of seats included in this subscription. + totalLicenses?: NullableOption; +} +export interface Compliance { + ediscovery?: NullableOption; +} +export interface ComplianceManagementPartner extends Entity { + // User groups which enroll Android devices through partner. + androidEnrollmentAssignments?: NullableOption; + // Partner onboarded for Android devices. + androidOnboarded?: boolean; + // Partner display name + displayName?: NullableOption; + // User groups which enroll ios devices through partner. + iosEnrollmentAssignments?: NullableOption; + // Partner onboarded for ios devices. + iosOnboarded?: boolean; + // Timestamp of last heartbeat after admin onboarded to the compliance management partner + lastHeartbeatDateTime?: string; + // User groups which enroll Mac devices through partner. + macOsEnrollmentAssignments?: NullableOption; + // Partner onboarded for Mac devices. + macOsOnboarded?: boolean; + // Partner state of this tenant. Possible values are: unknown, unavailable, enabled, terminated, rejected, unresponsive. + partnerState?: DeviceManagementPartnerTenantState; +} +export interface ConditionalAccessPolicy extends Entity { + // Specifies the rules that must be met for the policy to apply. Required. + conditions?: ConditionalAccessConditionSet; + /** + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. */ - microsoftManagedDesktop?: NullableOption; + createdDateTime?: NullableOption; + // Not used. + description?: NullableOption; + // Specifies a display name for the conditionalAccessPolicy object. + displayName?: string; + // Specifies the grant controls that must be fulfilled to pass the policy. + grantControls?: NullableOption; /** - * The ID of the cloudPcOnPremisesConnection. To ensure that Cloud PCs have network connectivity and that they domain - * join, choose a connection with a virtual network that’s validated by the Cloud PC service. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. */ - onPremisesConnectionId?: NullableOption; + modifiedDateTime?: NullableOption; + // Specifies the session controls that are enforced after sign-in. + sessionControls?: NullableOption; /** - * Specifies the type of license used when provisioning Cloud PCs using this policy. By default, the license type is - * dedicated if the provisioningType isn't specified when you create the cloudPcProvisioningPolicy. You can't change this - * property after the cloudPcProvisioningPolicy was created. Possible values are: dedicated, shared, unknownFutureValue. + * Specifies the state of the conditionalAccessPolicy object. Possible values are: enabled, disabled, + * enabledForReportingButNotEnforced. Required. */ - provisioningType?: NullableOption; - scopeIds?: NullableOption; - // Specific Windows settings to configure while creating Cloud PCs for this provisioning policy. - windowsSettings?: NullableOption; + state?: ConditionalAccessPolicyState; +} +export interface ConditionalAccessRoot extends Entity { + // Read-only. Nullable. Returns a collection of the specified authentication context class references. + authenticationContextClassReferences?: NullableOption; /** - * A defined collection of provisioning policy assignments. Represents the set of Microsoft 365 groups and security groups - * in Microsoft Entra ID that have provisioning policy assigned. Returned only on $expand. For an example about how to get - * the assignments relationship, see Get cloudPcProvisioningPolicy. + * Defines the authentication strength policies, valid authentication method combinations, and authentication method mode + * details that can be required by a conditional access policy. */ - assignments?: NullableOption; + authenticationStrength?: NullableOption; + authenticationStrengths?: NullableOption; + // Read-only. Nullable. Returns a collection of the specified named locations. + namedLocations?: NullableOption; + // Read-only. Nullable. Returns a collection of the specified Conditional Access policies. + policies?: NullableOption; + // Read-only. Nullable. Returns a collection of the specified Conditional Access templates. + templates?: NullableOption; } -export interface CloudPcProvisioningPolicyAssignment extends Entity { +export interface ConditionalAccessTemplate extends Entity { + // The user-friendly name of the template. + description?: string; /** - * The assignment target for the provisioning policy. Currently, the only target supported for this policy is a user - * group. For details, see cloudPcManagementGroupAssignmentTarget. + * Complete list of policy details specific to the template. This property contains the JSON of policy settings for + * configuring a Conditional Access policy. */ - target?: NullableOption; + details?: ConditionalAccessPolicyDetail; + // The user-friendly name of the template. + name?: string; /** - * The assignment targeted users for the provisioning policy. This list of users is computed based on assignments, - * licenses, group memberships, and policies. This property is read-only. Supports$expand. + * List of conditional access scenarios that the template is recommended for. The possible values are: new, + * secureFoundation, zeroTrust, remoteWork, protectAdmins, emergingThreats, unknownFutureValue. This is a multi-valued + * enum. Supports $filter (has). */ - assignedUsers?: NullableOption; + scenarios?: TemplateScenarios; } -export interface CloudPcReports extends Entity { - // The export jobs created for downloading reports. - exportJobs?: NullableOption; +export interface ConditionalAccessWhatIfPolicy extends ConditionalAccessPolicy { + policyApplies?: boolean; + reasons?: ConditionalAccessWhatIfReasons[]; } -export interface CloudPcServicePlan extends Entity { - // The name for the service plan. Read-only. - displayName?: string; +export interface ConfigManagerCollection extends Entity { + // The collection identifier in SCCM. + collectionIdentifier?: NullableOption; + // The created date. + createdDateTime?: string; + // The DisplayName. + displayName?: NullableOption; + // The Hierarchy Identifier. + hierarchyIdentifier?: NullableOption; + // The HierarchyName. + hierarchyName?: NullableOption; + // The last modified date. + lastModifiedDateTime?: string; +} +export interface ConnectedOrganization extends Entity { + // UPN of the user who created this resource. Read-only. + createdBy?: NullableOption; /** - * Specifies the type of license used when provisioning Cloud PCs. By default, the license type is dedicated. Possible - * values are: dedicated, shared, unknownFutureValue. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - provisioningType?: NullableOption; - // The size of the RAM in GB. Read-only. - ramInGB?: number; - // The size of the OS Disk in GB. Read-only. - storageInGB?: number; + createdDateTime?: NullableOption; + // The description of the connected organization. + description?: NullableOption; + // The display name of the connected organization. Supports $filter (eq). + displayName?: NullableOption; /** - * The supported service or solution for the region. The possible values are: windows365, devBox, rpaBox, - * unknownFutureValue. Read-only. + * The identity sources in this connected organization, one of azureActiveDirectoryTenant, + * crossCloudAzureActiveDirectoryTenant, domainIdentitySource, externalDomainFederation, or socialIdentitySource. + * Read-only. Nullable. Supports $select and $filter(eq). To filter by the derived types, you must declare the resource + * using its full OData cast, for example, + * $filter=identitySources/any(is:is/microsoft.graph.azureActiveDirectoryTenant/tenantId eq + * 'bcfdfff4-cbc3-43f2-9000-ba7b7515054f'). */ - supportedSolution?: CloudPcManagementService; - // The type of the service plan. Possible values are: enterprise, business, unknownFutureValue. Read-only. - type?: NullableOption; - // The size of the user profile disk in GB. Read-only. - userProfileInGB?: number; - // The number of vCPUs. Read-only. - vCpuCount?: number; + identitySources?: NullableOption; + // UPN of the user who last modified this resource. Read-only. + modifiedBy?: NullableOption; + /** + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + */ + modifiedDateTime?: NullableOption; + /** + * The state of a connected organization defines whether assignment policies with requestor scope type + * AllConfiguredConnectedOrganizationSubjects are applicable or not. Possible values are: configured, proposed. + */ + state?: NullableOption; + externalSponsors?: NullableOption; + internalSponsors?: NullableOption; } -export interface CloudPcSharedUseServicePlan extends Entity { - // The display name of the shared-use service plan. - displayName?: NullableOption; - // Total number of shared-use service plans purchased by the customer. - totalCount?: NullableOption; - // The number of service plans that the account uses. - usedCount?: NullableOption; +export interface ConnectionOperation extends Entity { + error?: NullableOption; + status?: NullableOption; } -export interface CloudPcSnapshot extends Entity { - // The unique identifier for the Cloud PC. - cloudPcId?: string; +export interface Connector extends Entity { + // The external IP address as detected by the connector server. Read-only. + externalIp?: string; + // The name of the computer on which the connector is installed and runs on. + machineName?: string; + // Indicates the status of the connector. The possible values are: active, inactive. Read-only. + status?: ConnectorStatus; + // The version of the connector. + version?: string; + // The connectorGroup that the connector is a member of. Read-only. + memberOf?: NullableOption; +} +export interface ConnectorGroup extends Entity { + // Indicates the type of hybrid agent. This pre-set by the system. Possible values are: applicationProxy. Read-only. + connectorGroupType?: ConnectorGroupType; /** - * The date and time at which the snapshot was taken. The timestamp is shown in ISO 8601 format and Coordinated Universal - * Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Indicates if the connectorGroup is the default connectorGroup. Only a single connector group can be the default + * connectorGroup and this is pre-set by the system. Read-only. */ - createdDateTime?: NullableOption; + isDefault?: boolean; + // The name associated with the connectorGroup. + name?: string; /** - * The date and time when the snapshot expires. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) - * time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * The region the connectorGroup is assigned to and will optimize traffic for. This region can only be set if no + * connectors or applications are assigned to the connectorGroup. The possible values are: nam (for North America), eur + * (for Europe), aus (for Australia), asia (for Asia), ind (for India), and unknownFutureValue. */ - expirationDateTime?: NullableOption; + region?: NullableOption; + applications?: NullableOption; + members?: NullableOption; +} +export interface Contact extends OutlookItem { + // The name of the contact's assistant. + assistantName?: NullableOption; /** - * The date and time at which the snapshot was last used to restore the Cloud PC device. The timestamp is shown in ISO - * 8601 format and Coordinated Universal Time (UTC). For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * The contact's birthday. The Timestamp type represents date and time information using ISO 8601 format and is always in + * UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z */ - lastRestoredDateTime?: NullableOption; + birthday?: NullableOption; + // The names of the contact's children. + children?: NullableOption; + // The name of the contact's company. + companyName?: NullableOption; + // The contact's department. + department?: NullableOption; /** - * The type of snapshot that indicates how to create the snapshot. Possible values are automatic, manual. Default value is - * automatic. + * The contact's display name. You can specify the display name in a create or update operation. Note that later updates + * to other properties may cause an automatically generated value to overwrite the displayName value you have specified. + * To preserve a pre-existing value, always include it as displayName in an update operation. */ - snapshotType?: NullableOption; - // The status of the Cloud PC snapshot. The possible values are: ready, unknownFutureValue. - status?: NullableOption; + displayName?: NullableOption; + // The contact's email addresses. + emailAddresses?: NullableOption; + // The name the contact is filed under. + fileAs?: NullableOption; + // The flag value that indicates the status, start date, due date, or completion date for the contact. + flag?: NullableOption; + // The contact's gender. + gender?: NullableOption; + // The contact's generation. + generation?: NullableOption; + // The contact's given name. + givenName?: NullableOption; + // The contact's instant messaging (IM) addresses. + imAddresses?: NullableOption; + // The contact's initials. + initials?: NullableOption; + isFavorite?: NullableOption; + // The contact’s job title. + jobTitle?: NullableOption; + // The name of the contact's manager. + manager?: NullableOption; + // The contact's middle name. + middleName?: NullableOption; + // The contact's nickname. + nickName?: NullableOption; + // The location of the contact's office. + officeLocation?: NullableOption; + // The ID of the contact's parent folder. + parentFolderId?: NullableOption; + // The user's notes about the contact. + personalNotes?: NullableOption; + // Phone numbers associated with the contact, for example, home phone, mobile phone, and business phone. + phones?: NullableOption; + // Addresses associated with the contact, for example, home address and business address. + postalAddresses?: NullableOption; + // The contact's profession. + profession?: NullableOption; + // The name of the contact's spouse/partner. + spouseName?: NullableOption; + // The contact's surname. + surname?: NullableOption; + // The contact's title. + title?: NullableOption; + // Web sites associated with the contact. + websites?: NullableOption; + // The contact's wedding anniversary. + weddingAnniversary?: NullableOption; + // The phonetic Japanese company name of the contact. + yomiCompanyName?: NullableOption; + // The phonetic Japanese given name (first name) of the contact. + yomiGivenName?: NullableOption; + // The phonetic Japanese surname (last name) of the contact. + yomiSurname?: NullableOption; + // The collection of open extensions defined for the contact. Nullable. + extensions?: NullableOption; + // The collection of multi-value extended properties defined for the contact. Read-only. Nullable. + multiValueExtendedProperties?: NullableOption; + // Optional contact picture. You can get or set a photo for a contact. + photo?: NullableOption; + // The collection of single-value extended properties defined for the contact. Read-only. Nullable. + singleValueExtendedProperties?: NullableOption; } -export interface CloudPcSupportedRegion extends Entity { - // The name for the supported region. Read-only. - displayName?: string; +export interface ContactFolder extends Entity { + // The folder's display name. + displayName?: NullableOption; + // The ID of the folder's parent folder. + parentFolderId?: NullableOption; + // The name of the folder if the folder is a recognized folder. Currently contacts is the only recognized contacts folder. + wellKnownName?: NullableOption; + // The collection of child folders in the folder. Navigation property. Read-only. Nullable. + childFolders?: NullableOption; + // The contacts in the folder. Navigation property. Read-only. Nullable. + contacts?: NullableOption; + // The collection of multi-value extended properties defined for the contactFolder. Read-only. Nullable. + multiValueExtendedProperties?: NullableOption; + // The collection of single-value extended properties defined for the contactFolder. Read-only. Nullable. + singleValueExtendedProperties?: NullableOption; +} +export interface ContactMergeSuggestions extends Entity { /** - * The geographic group this region belongs to. Multiple regions can belong to one region group. For example, the - * europeUnion region group contains the Northern Europe and Western Europe regions. A customer can select a region group - * when provisioning a Cloud PC; however, the Cloud PC is put under one of the regions under the group based on resource - * capacity. The region with more quota will be chosen. Possible values are: default, australia, canada, usCentral, - * usEast, usWest, france, germany, europeUnion, unitedKingdom, japan, asia, india, southAmerica, euap, usGovernment, - * usGovernmentDOD, unknownFutureValue, norway, switzerland,southKorea. You must use the Prefer: - * include-unknown-enum-members request header to get the following value(s) in this evolvable enum: norway, - * switzerland,southKorea. Read-only. + * true if the duplicate contact merge suggestions feature is enabled for the user; false if the feature is disabled. + * Default value is true. */ - regionGroup?: CloudPcRegionGroup; + isEnabled?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface ContentSharingSession extends Entity {} +export interface ContentType extends Entity { /** - * The status of the supported region. Possible values are: available, restricted, unavailable, unknownFutureValue. - * Read-only. + * List of canonical URLs for hub sites with which this content type is associated to. This contains all hub sites where + * this content type is queued to be enforced or is already enforced. Enforcing a content type means that the content type + * is applied to the lists in the enforced sites. */ - regionStatus?: NullableOption; + associatedHubsUrls?: NullableOption; + // The descriptive text for the item. + description?: NullableOption; + // Document Set metadata. + documentSet?: NullableOption; /** - * The supported service or solution for the region. The possible values are: windows365, devBox, unknownFutureValue, - * rpaBox. You must use the Prefer: include-unknown-enum-members request header to get the following value(s) in this - * evolvable enum: rpaBox. Read-only. + * Document template metadata. To make sure that documents have consistent content across a site and its subsites, you can + * associate a Word, Excel, or PowerPoint template with a site content type. */ - supportedSolution?: CloudPcManagementService; -} -export interface CloudPcUserSetting extends Entity { + documentTemplate?: NullableOption; + // The name of the group this content type belongs to. Helps organize related content types. + group?: NullableOption; + // Indicates whether the content type is hidden in the list's 'New' menu. + hidden?: NullableOption; /** - * The date and time the setting was created. The Timestamp type represents the date and time information using ISO 8601 - * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: '2014-01-01T00:00:00Z'. + * If this content type is inherited from another scope (like a site), provides a reference to the item where the content + * type is defined. */ - createdDateTime?: NullableOption; - // The setting name displayed in the user interface. - displayName?: NullableOption; + inheritedFrom?: NullableOption; + // Specifies if a content type is a built-in content type. + isBuiltIn?: NullableOption; + // The name of the content type. + name?: NullableOption; + // Specifies the order in which the content type appears in the selection UI. + order?: NullableOption; + // The unique identifier of the content type. + parentId?: NullableOption; /** - * The last date and time the setting was modified. The Timestamp type represents the date and time information using ISO - * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like - * this: '2014-01-01T00:00:00Z'. + * If true, any changes made to the content type are pushed to inherited content types and lists that implement the + * content type. */ - lastModifiedDateTime?: NullableOption; + propagateChanges?: NullableOption; + // If true, the content type can't be modified unless this value is first set to false. + readOnly?: NullableOption; /** - * Indicates whether the local admin option is enabled. Default value is false. To enable the local admin option, change - * the setting to true. If the local admin option is enabled, the end user can be an admin of the Cloud PC device. + * If true, the content type can't be modified by users or through push-down operations. Only site collection + * administrators can seal or unseal content types. */ - localAdminEnabled?: NullableOption; + sealed?: NullableOption; + // Parent contentType from which this content type is derived. + base?: NullableOption; + // The collection of content types that are ancestors of this content type. + baseTypes?: NullableOption; + // The collection of columns that are required by this content type. + columnLinks?: NullableOption; + // Column order information in a content type. + columnPositions?: NullableOption; + // The collection of column definitions for this content type. + columns?: NullableOption; +} +export interface ContinuousAccessEvaluationPolicy extends Entity { /** - * Indicates whether an end user is allowed to reset their Cloud PC. When true, the user is allowed to reset their Cloud - * PC. When false, end-user initiated reset is not allowed. The default value is false. + * Continuous access evaluation automatically blocks access to resources and applications in near real time when a user's + * access is removed or a client IP address changes. Read-only. */ - resetEnabled?: NullableOption; + description?: string; + // The value is always Continuous Access Evaluation. Read-only. + displayName?: string; /** - * Defines how frequently a restore point is created that is, a snapshot is taken) for users' provisioned Cloud PCs - * (default is 12 hours), and whether the user is allowed to restore their own Cloud PCs to a backup made at a specific - * point in time. + * The collection of group identifiers in scope for evaluation. All groups are in scope when the collection is empty. + * Read-only. */ - restorePointSetting?: NullableOption; + groups?: string[]; + // true to indicate whether continuous access evaluation should be performed; otherwise false. Read-only. + isEnabled?: boolean; /** - * Indicates whether the self-service option is enabled. Default value is false. To enable the self-service option, change - * the setting to true. If the self-service option is enabled, the end user is allowed to perform some self-service - * operations, such as upgrading the Cloud PC through the end user portal. + * true to indicate that the continuous access evaluation policy settings should be or has been migrated to the + * conditional access policy. */ - selfServiceEnabled?: NullableOption; + migrate?: boolean; /** - * Represents the set of Microsoft 365 groups and security groups in Microsoft Entra ID that have cloudPCUserSetting - * assigned. Returned only on $expand. For an example, see Get cloudPcUserSettingample. + * The collection of user identifiers in scope for evaluation. All users are in scope when the collection is empty. + * Read-only. */ - assignments?: NullableOption; + users?: string[]; } -export interface CloudPcUserSettingAssignment extends Entity { +export interface Contract extends DirectoryObject { /** - * The date and time this assignment was created. The Timestamp type represents the date and time information using ISO - * 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 looks like this: - * '2014-01-01T00:00:00Z'. + * Type of contract. Possible values are: SyndicationPartner, BreadthPartner, ResellerPartner. See more in the table + * below. */ - createdDateTime?: NullableOption; + contractType?: NullableOption; /** - * The assignment target for the user setting. Currently, the only target supported for this user setting is a user group. - * For details, see cloudPcManagementGroupAssignmentTarget. + * The unique identifier for the customer tenant referenced by this partnership. Corresponds to the id property of the + * customer tenant's organization resource. */ - target?: NullableOption; -} -export interface DeviceManagement extends Entity { - // The last requested time of device compliance reporting for this account. This property is read-only. - deviceComplianceReportSummarizationDateTime?: string; - // Intune Account ID for given tenant - intuneAccountId?: string; - // The last modified time of reporting for this account. This property is read-only. - lastReportAggregationDateTime?: string; - // The property to enable Non-MDM managed legacy PC management for this account. This property is read-only. - legacyPcManangementEnabled?: boolean; - // Maximum number of DEP tokens allowed per-tenant. - maximumDepTokens?: number; - // Account level settings. - settings?: NullableOption; + customerId?: NullableOption; /** - * When enabled, users assigned as administrators via Role Assignment Memberships do not require an assigned Intune - * license. Prior to this, only Intune licensed users were granted permissions with an Intune role unless they were - * assigned a role via Azure Active Directory. You are limited to 350 unlicensed direct members for each AAD security - * group in a role assignment, but you can assign multiple AAD security groups to a role if you need to support more than - * 350 unlicensed administrators. Licensed administrators are unaffected, do not have to be direct members, nor does the - * 350 member limit apply. This property is read-only. + * A copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is + * established. It isn't automatically updated if the customer tenant's default domain name changes. */ - unlicensedAdminstratorsEnabled?: boolean; + defaultDomainName?: NullableOption; /** - * intuneBrand contains data which is used in customizing the appearance of the Company Portal applications as well as the - * end user web portal. + * A copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. + * It isn't automatically updated if the customer tenant's display name changes. */ - intuneBrand?: NullableOption; - // The date & time when tenant data moved between scaleunits. - accountMoveCompletionDateTime?: string; - // Admin consent information. - adminConsent?: NullableOption; - // A configuration entity for MEM features that utilize Data Processor Service for Windows (DPSW) data. - dataProcessorServiceForWindowsFeaturesOnboarding?: NullableOption; - // Device protection overview. - deviceProtectionOverview?: NullableOption; - // Device cleanup rule - managedDeviceCleanupSettings?: NullableOption; - // Tenant's Subscription. Possible values are: none, intune, office365, intunePremium, intuneEDU, intuneSMB. - subscriptions?: DeviceManagementSubscriptions; + displayName?: NullableOption; +} +export interface Conversation extends Entity { /** - * Tenant mobile device management subscription state. Possible values are: pending, active, warning, disabled, deleted, - * blocked, lockedOut. + * Indicates whether any of the posts within this Conversation has at least one attachment. Supports $filter (eq, ne) and + * $search. */ - subscriptionState?: DeviceManagementSubscriptionState; + hasAttachments?: boolean; /** - * The user experience analytics anomaly severity overview entity contains the count information for each severity of - * anomaly. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ne, le, ge). */ - userExperienceAnalyticsAnomalySeverityOverview?: NullableOption; - // User experience analytics device settings - userExperienceAnalyticsSettings?: NullableOption; - // Malware overview for windows devices. - windowsMalwareOverview?: NullableOption; - // The list of connector status for the tenant. - connectorStatus?: NullableOption; - monitoring?: NullableOption; - virtualEndpoint?: NullableOption; - // Android device owner enrollment profile entities. - androidDeviceOwnerEnrollmentProfiles?: NullableOption; - // Android for Work app configuration schema entities. - androidForWorkAppConfigurationSchemas?: NullableOption; - // Android for Work enrollment profile entities. - androidForWorkEnrollmentProfiles?: NullableOption; - // The singleton Android for Work settings entity. - androidForWorkSettings?: NullableOption; - // The singleton Android managed store account enterprise settings entity. - androidManagedStoreAccountEnterpriseSettings?: NullableOption; - // Android Enterprise app configuration schema entities. - androidManagedStoreAppConfigurationSchemas?: NullableOption; - // The Audit Events - auditEvents?: NullableOption; - // The list of assignment filters - assignmentFilters?: NullableOption; - // Collection of ChromeOSOnboardingSettings settings associated with account. - chromeOSOnboardingSettings?: NullableOption; - // The terms and conditions associated with device management of the company. - termsAndConditions?: NullableOption; - // A list of ServiceNowConnections - serviceNowConnections?: NullableOption; - // The summary state of ATP onboarding state for this account. - advancedThreatProtectionOnboardingStateSummary?: NullableOption; - // The Cart To Class Associations. - cartToClassAssociations?: NullableOption; - // The device compliance policies. - deviceCompliancePolicies?: NullableOption; - // The device compliance state summary for this account. - deviceCompliancePolicyDeviceStateSummary?: NullableOption; - // The summary states of compliance policy settings for this account. - deviceCompliancePolicySettingStateSummaries?: NullableOption; - // Summary of policies in conflict state for this account. - deviceConfigurationConflictSummary?: NullableOption; - // The device configuration device state summary for this account. - deviceConfigurationDeviceStateSummaries?: NullableOption; - // Restricted apps violations for this account. - deviceConfigurationRestrictedAppsViolations?: NullableOption; - // The device configurations. - deviceConfigurations?: NullableOption; - // Summary of all certificates for all devices. - deviceConfigurationsAllManagedDeviceCertificateStates?: NullableOption; - // The device configuration user state summary for this account. - deviceConfigurationUserStateSummaries?: NullableOption; - // The IOS software update installation statuses for this account. - iosUpdateStatuses?: NullableOption; - // The MacOS software update account summaries for this account. - macOSSoftwareUpdateAccountSummaries?: NullableOption; - // Encryption report for devices in this account - managedDeviceEncryptionStates?: NullableOption; - // The collection of Ndes connectors for this account. - ndesConnectors?: NullableOption; - // The software update status summary. - softwareUpdateStatusSummary?: NullableOption; - // List of all compliance categories - complianceCategories?: NullableOption; - // List of all compliance policies - compliancePolicies?: NullableOption; - // List of all ComplianceSettings - complianceSettings?: NullableOption; - // List of all Configuration Categories - configurationCategories?: NullableOption; - // List of all Configuration policies - configurationPolicies?: NullableOption; - // List of all templates - configurationPolicyTemplates?: NullableOption; - // List of all ConfigurationSettings - configurationSettings?: NullableOption; - // List of all reusable settings that can be referred in a policy - reusablePolicySettings?: NullableOption; - // List of all reusable settings - reusableSettings?: NullableOption; - // List of setting insights in a template - templateInsights?: NullableOption; - // List of all TemplateSettings - templateSettings?: NullableOption; - // The list of Compliance Management Partners configured by the tenant. - complianceManagementPartners?: NullableOption; + lastDeliveredDateTime?: string; + // A short summary from the body of the latest post in this conversation. + preview?: string; + // The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. + topic?: string; + // All the users that sent a message to this Conversation. + uniqueSenders?: string[]; + // A collection of all the conversation threads in the conversation. A navigation property. Read-only. Nullable. + threads?: NullableOption; +} +export interface ConversationMember extends Entity { + // The display name of the user. + displayName?: NullableOption; /** - * The Exchange on premises conditional access settings. On premises conditional access will require devices to be both - * enrolled and compliant for mail access + * The roles for that user. This property contains additional qualifiers only when relevant - for example, if the member + * has owner privileges, the roles property contains owner as one of the values. Similarly, if the member is an in-tenant + * guest, the roles property contains guest as one of the values. A basic member should not have any values specified in + * the roles property. An Out-of-tenant external member is assigned the owner role. */ - conditionalAccessSettings?: NullableOption; - // The list of device categories with the tenant. - deviceCategories?: NullableOption; - // The list of device enrollment configurations - deviceEnrollmentConfigurations?: NullableOption; - // The list of Device Management Partners configured by the tenant. - deviceManagementPartners?: NullableOption; - // The list of Exchange Connectors configured by the tenant. - exchangeConnectors?: NullableOption; - // The list of Exchange On Premisis policies configured by the tenant. - exchangeOnPremisesPolicies?: NullableOption; - // The policy which controls mobile device access to Exchange On Premises - exchangeOnPremisesPolicy?: NullableOption; - // The list of Mobile threat Defense connectors configured by the tenant. - mobileThreatDefenseConnectors?: NullableOption; - // The available categories - categories?: NullableOption; - // The device management intents - intents?: NullableOption; - // The device management intent setting definitions - settingDefinitions?: NullableOption; - // The available templates - templates?: NullableOption; - // Apple push notification certificate. - applePushNotificationCertificate?: NullableOption; - // The list of CloudPC Connectivity Issue. - cloudPCConnectivityIssues?: NullableOption; - // The list of co-managed devices report - comanagedDevices?: NullableOption; - // The list of co-management eligible devices report - comanagementEligibleDevices?: NullableOption; - // Data sharing consents. - dataSharingConsents?: NullableOption; - // The list of detected apps associated with a device. - detectedApps?: NullableOption; - // The list of device compliance scripts associated with the tenant. - deviceComplianceScripts?: NullableOption; - // The list of device custom attribute shell scripts associated with the tenant. - deviceCustomAttributeShellScripts?: NullableOption; - // The list of device health scripts associated with the tenant. - deviceHealthScripts?: NullableOption; - // The list of device management scripts associated with the tenant. - deviceManagementScripts?: NullableOption; - // The list of device shell scripts associated with the tenant. - deviceShellScripts?: NullableOption; - // Device overview - managedDeviceOverview?: NullableOption; - // The list of managed devices. - managedDevices?: NullableOption; - // The collection property of MobileAppTroubleshootingEvent. - mobileAppTroubleshootingEvents?: NullableOption; - // The endpoint privilege management elevation event entity contains elevation details. - privilegeManagementElevations?: NullableOption; - // The list of device remote action audits with the tenant. - remoteActionAudits?: NullableOption; - // TenantAttach RBAC Enablement - tenantAttachRBAC?: NullableOption; - // The user experience analytics anomaly entity contains anomaly details. - userExperienceAnalyticsAnomaly?: NullableOption; + roles?: NullableOption; /** - * The user experience analytics anomaly correlation group overview entity contains the information for each correlation - * group of an anomaly. + * The timestamp denoting how far back a conversation's history is shared with the conversation member. This property is + * settable only for members of a chat. */ - userExperienceAnalyticsAnomalyCorrelationGroupOverview?: NullableOption; - // The user experience analytics anomaly entity contains device details. - userExperienceAnalyticsAnomalyDevice?: NullableOption; - // User experience analytics appHealth Application Performance - userExperienceAnalyticsAppHealthApplicationPerformance?: NullableOption; - // User experience analytics appHealth Application Performance by App Version - userExperienceAnalyticsAppHealthApplicationPerformanceByAppVersion?: NullableOption; - // User experience analytics appHealth Application Performance by App Version details - userExperienceAnalyticsAppHealthApplicationPerformanceByAppVersionDetails?: NullableOption; - // User experience analytics appHealth Application Performance by App Version Device Id - userExperienceAnalyticsAppHealthApplicationPerformanceByAppVersionDeviceId?: NullableOption; - // User experience analytics appHealth Application Performance by OS Version - userExperienceAnalyticsAppHealthApplicationPerformanceByOSVersion?: NullableOption; - // User experience analytics appHealth Model Performance - userExperienceAnalyticsAppHealthDeviceModelPerformance?: NullableOption; - // User experience analytics appHealth Device Performance - userExperienceAnalyticsAppHealthDevicePerformance?: NullableOption; - // User experience analytics device performance details - userExperienceAnalyticsAppHealthDevicePerformanceDetails?: NullableOption; - // User experience analytics appHealth OS version Performance - userExperienceAnalyticsAppHealthOSVersionPerformance?: NullableOption; - // User experience analytics appHealth overview - userExperienceAnalyticsAppHealthOverview?: NullableOption; - // User experience analytics baselines - userExperienceAnalyticsBaselines?: NullableOption; - // User Experience Analytics Battery Health App Impact - userExperienceAnalyticsBatteryHealthAppImpact?: NullableOption; - // User Experience Analytics Battery Health Capacity Details - userExperienceAnalyticsBatteryHealthCapacityDetails?: NullableOption; - // User Experience Analytics Battery Health Device App Impact - userExperienceAnalyticsBatteryHealthDeviceAppImpact?: NullableOption; - // User Experience Analytics Battery Health Device Performance - userExperienceAnalyticsBatteryHealthDevicePerformance?: NullableOption; - // User Experience Analytics Battery Health Device Runtime History - userExperienceAnalyticsBatteryHealthDeviceRuntimeHistory?: NullableOption; - // User Experience Analytics Battery Health Model Performance - userExperienceAnalyticsBatteryHealthModelPerformance?: NullableOption; - // User Experience Analytics Battery Health Os Performance - userExperienceAnalyticsBatteryHealthOsPerformance?: NullableOption; - // User Experience Analytics Battery Health Runtime Details - userExperienceAnalyticsBatteryHealthRuntimeDetails?: NullableOption; - // User experience analytics categories - userExperienceAnalyticsCategories?: NullableOption; - // User experience analytics device metric history - userExperienceAnalyticsDeviceMetricHistory?: NullableOption; - // User experience analytics device performance - userExperienceAnalyticsDevicePerformance?: NullableOption; + visibleHistoryStartDateTime?: NullableOption; +} +export interface ConversationThread extends Entity { + // The Cc: recipients for the thread. Returned only on $select. + ccRecipients?: Recipient[]; + // Indicates whether any of the posts within this thread has at least one attachment. Returned by default. + hasAttachments?: boolean; + // Indicates if the thread is locked. Returned by default. + isLocked?: boolean; /** - * The user experience analytics device scope entity endpoint to trigger on the service to either START or STOP computing - * metrics data based on a device scope configuration. + * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Returned by default. */ - userExperienceAnalyticsDeviceScope?: NullableOption; + lastDeliveredDateTime?: string; + // A short summary from the body of the latest post in this conversation. Returned by default. + preview?: string; /** - * The user experience analytics device scope entity contains device scope configuration use to apply filtering on the - * endpoint analytics reports. + * The topic of the conversation. This property can be set when the conversation is created, but it cannot be updated. + * Returned by default. */ - userExperienceAnalyticsDeviceScopes?: NullableOption; - // User experience analytics device scores - userExperienceAnalyticsDeviceScores?: NullableOption; - // User experience analytics device Startup History - userExperienceAnalyticsDeviceStartupHistory?: NullableOption; - // User experience analytics device Startup Processes - userExperienceAnalyticsDeviceStartupProcesses?: NullableOption; - // User experience analytics device Startup Process Performance - userExperienceAnalyticsDeviceStartupProcessPerformance?: NullableOption; - // User experience analytics devices without cloud identity. - userExperienceAnalyticsDevicesWithoutCloudIdentity?: NullableOption; - // The user experience analytics device events entity contains NRT device timeline event details. - userExperienceAnalyticsDeviceTimelineEvent?: NullableOption; - // User experience analytics impacting process - userExperienceAnalyticsImpactingProcess?: NullableOption; - // User experience analytics metric history - userExperienceAnalyticsMetricHistory?: NullableOption; - // User experience analytics model scores - userExperienceAnalyticsModelScores?: NullableOption; - // User experience analytics devices not Windows Autopilot ready. - userExperienceAnalyticsNotAutopilotReadyDevice?: NullableOption; - // User experience analytics overview - userExperienceAnalyticsOverview?: NullableOption; - // User experience analytics remote connection - userExperienceAnalyticsRemoteConnection?: NullableOption; - // User experience analytics resource performance - userExperienceAnalyticsResourcePerformance?: NullableOption; - // User experience analytics device Startup Score History - userExperienceAnalyticsScoreHistory?: NullableOption; - // User experience analytics work from anywhere hardware readiness metrics. - userExperienceAnalyticsWorkFromAnywhereHardwareReadinessMetric?: NullableOption; - // User experience analytics work from anywhere metrics. - userExperienceAnalyticsWorkFromAnywhereMetrics?: NullableOption; - // The user experience analytics work from anywhere model performance - userExperienceAnalyticsWorkFromAnywhereModelPerformance?: NullableOption; - // The list of affected malware in the tenant. - windowsMalwareInformation?: NullableOption; - // Collection of Derived credential settings associated with account. - derivedCredentials?: NullableOption; - // Collection of resource access settings associated with account. - resourceAccessProfiles?: NullableOption; - // Apple user initiated enrollment profiles - appleUserInitiatedEnrollmentProfiles?: NullableOption; - // This collections of multiple DEP tokens per-tenant. - depOnboardingSettings?: NullableOption; - // The imported device identities. - importedDeviceIdentities?: NullableOption; - // Collection of imported Windows autopilot devices. - importedWindowsAutopilotDeviceIdentities?: NullableOption; - // Windows auto pilot deployment profiles - windowsAutopilotDeploymentProfiles?: NullableOption; - // The Windows autopilot device identities contained collection. - windowsAutopilotDeviceIdentities?: NullableOption; - // The Windows autopilot account settings. - windowsAutopilotSettings?: NullableOption; - // List of elevation requests - elevationRequests?: NullableOption; - // The Collection of ZebraFotaArtifacts. - zebraFotaArtifacts?: NullableOption; - // The singleton ZebraFotaConnector associated with account. - zebraFotaConnector?: NullableOption; - // Collection of ZebraFotaDeployments associated with account. - zebraFotaDeployments?: NullableOption; - // A list of Group Policy migration reports. - groupPolicyMigrationReports?: NullableOption; - // A list of Group Policy Object files uploaded. - groupPolicyObjectFiles?: NullableOption; - // The available group policy categories for this account. - groupPolicyCategories?: NullableOption; - // The group policy configurations created by this account. - groupPolicyConfigurations?: NullableOption; - // The available group policy definition files for this account. - groupPolicyDefinitionFiles?: NullableOption; - // The available group policy definitions for this account. - groupPolicyDefinitions?: NullableOption; - // The available group policy uploaded definition files for this account. - groupPolicyUploadedDefinitionFiles?: NullableOption; - // Collection of MicrosoftTunnelConfiguration settings associated with account. - microsoftTunnelConfigurations?: NullableOption; - // Collection of MicrosoftTunnelHealthThreshold settings associated with account. - microsoftTunnelHealthThresholds?: NullableOption; - // Collection of MicrosoftTunnelServerLogCollectionResponse settings associated with account. - microsoftTunnelServerLogCollectionResponses?: NullableOption; - // Collection of MicrosoftTunnelSite settings associated with account. - microsoftTunnelSites?: NullableOption; - // The Notification Message Templates. - notificationMessageTemplates?: NullableOption; - // A list of connector objects. - domainJoinConnectors?: NullableOption; - // A list of ConfigManagerCollection - configManagerCollections?: NullableOption; - // The Resource Operations. - resourceOperations?: NullableOption; - // The Role Assignments. - roleAssignments?: NullableOption; - // The Role Definitions. - roleDefinitions?: NullableOption; - // The Role Scope Tags. - roleScopeTags?: NullableOption; - // The remote assist partners. - remoteAssistancePartners?: NullableOption; - // The remote assistance settings singleton - remoteAssistanceSettings?: NullableOption; - // Reports singleton - reports?: NullableOption; - // The embedded SIM activation code pools created by this account. - embeddedSIMActivationCodePools?: NullableOption; - // The telecom expense management partners. - telecomExpenseManagementPartners?: NullableOption; - // The list of autopilot events for the tenant. - autopilotEvents?: NullableOption; - // The list of troubleshooting events for the tenant. - troubleshootingEvents?: NullableOption; - // A collection of windows driver update profiles - windowsDriverUpdateProfiles?: NullableOption; - // A collection of windows feature update profiles - windowsFeatureUpdateProfiles?: NullableOption; - // A collection of windows quality update profiles - windowsQualityUpdateProfiles?: NullableOption; - // A collection of windows update catalog items (fetaure updates item , quality updates item) - windowsUpdateCatalogItems?: NullableOption; - // Intune branding profiles targeted to AAD groups - intuneBrandingProfiles?: NullableOption; - // The windows information protection app learning summaries. - windowsInformationProtectionAppLearningSummaries?: NullableOption; - // The windows information protection network learning summaries. - windowsInformationProtectionNetworkLearningSummaries?: NullableOption; - // Collection of certificate connector details, each associated with a corresponding Intune Certificate Connector. - certificateConnectorDetails?: NullableOption; - // Collection of PFX certificates associated with a user. - userPfxCertificates?: NullableOption; + topic?: string; + // The To: recipients for the thread. Returned only on $select. + toRecipients?: Recipient[]; + // All the users that sent a message to this thread. Returned by default. + uniqueSenders?: string[]; + posts?: NullableOption; } -export interface VirtualEndpoint extends Entity { - // Cloud PC audit event. - auditEvents?: NullableOption; - bulkActions?: NullableOption; - // Cloud managed virtual desktops. - cloudPCs?: NullableOption; - // Cloud PC organization mapping between public and US Government Community Cloud (GCC) organizations. - crossCloudGovernmentOrganizationMapping?: NullableOption; - // The image resource on Cloud PC. - deviceImages?: NullableOption; - // The external partner settings on a Cloud PC. - externalPartnerSettings?: NullableOption; - // Front-line service plans for a Cloud PC. - frontLineServicePlans?: NullableOption; - // The gallery image resource on Cloud PC. - galleryImages?: NullableOption; +export interface CorsConfiguration_v2 extends Entity { /** - * A defined collection of Azure resource information that can be used to establish on-premises network connectivity for - * Cloud PCs. + * The request headers that the origin domain may specify on the CORS request. The wildcard character * indicates that any + * header beginning with the specified prefix is allowed. */ - onPremisesConnections?: NullableOption; - // The Cloud PC organization settings for a tenant. - organizationSettings?: NullableOption; - // Cloud PC provisioning policy. - provisioningPolicies?: NullableOption; - // Cloud PC related reports. - reports?: NullableOption; - // Cloud PC service plans. - servicePlans?: NullableOption; - sharedUseServicePlans?: NullableOption; - // Cloud PC snapshots. - snapshots?: NullableOption; - // Cloud PC supported regions. - supportedRegions?: NullableOption; - // Cloud PC user settings. - userSettings?: NullableOption; + allowedHeaders?: NullableOption; + // The HTTP request methods that the origin domain may use for a CORS request. + allowedMethods?: NullableOption; + /** + * The origin domains that are permitted to make a request against the service via CORS. The origin domain is the domain + * from which the request originates. The origin must be an exact case-sensitive match with the origin that the user agent + * sends to the service. + */ + allowedOrigins?: NullableOption; + // The maximum amount of time that a browser should cache the response to the preflight OPTIONS request. + maxAgeInSeconds?: NullableOption; + /** + * Resource within the application segment for which CORS permissions are granted. / grants permission for the whole app + * segment. + */ + resource?: string; } -export interface AndroidDeviceOwnerEnrollmentProfile extends Entity { - // Tenant GUID the enrollment profile belongs to. - accountId?: NullableOption; +export interface CountryNamedLocation extends NamedLocation { + // List of countries and/or regions in two-letter format specified by ISO 3166-2. + countriesAndRegions?: string[]; /** - * Boolean that indicates that the Wi-Fi network should be configured during device provisioning. When set to TRUE, device - * provisioning will use Wi-Fi related properties to automatically connect to Wi-Fi networks. When set to FALSE or - * undefined, other Wi-Fi related properties will be ignored. Default value is TRUE. Returned by default. + * Determines what method is used to decide which country the user is located in. Possible values are clientIpAddress + * (default) and authenticatorAppGps. */ - configureWifi?: boolean; - // Date time the enrollment profile was created. - createdDateTime?: string; - // Description for the enrollment profile. - description?: NullableOption; - // Display name for the enrollment profile. + countryLookupMethod?: NullableOption; + /** + * true if IP addresses that don't map to a country or region should be included in the named location. Optional. Default + * value is false. + */ + includeUnknownCountriesAndRegions?: boolean; +} +export interface CountryRegion { + addressFormat?: NullableOption; + code?: NullableOption; displayName?: NullableOption; - // Total number of Android devices that have enrolled using this enrollment profile. - enrolledDeviceCount?: number; + id?: string; + lastModifiedDateTime?: NullableOption; +} +export interface CredentialUsageSummary extends Entity { /** - * The enrollment mode of devices that use this enrollment profile. Possible values are: corporateOwnedDedicatedDevice, - * corporateOwnedFullyManaged, corporateOwnedWorkProfile, corporateOwnedAOSPUserlessDevice, - * corporateOwnedAOSPUserAssociatedDevice. + * Represents the authentication method that the user used. Possible values are:email, mobileSMS, mobileCall, officePhone, + * securityQuestion (only used for self-service password reset), appNotification, appCode, alternateMobileCall (supported + * only in registration), fido, appPassword, unknownFutureValue. */ - enrollmentMode?: AndroidDeviceOwnerEnrollmentMode; + authMethod?: UsageAuthMethod; + // Provides the count of failed resets or registration data. + failureActivityCount?: number; + // Defines the feature to report. Possible values are: registration, reset, unknownFutureValue. + feature?: FeatureType; + // Provides the count of successful registrations or resets. + successfulActivityCount?: number; +} +export interface CredentialUserRegistrationCount extends Entity { + // Provides the count of users with accountEnabled set to true in the tenant. + totalUserCount?: number; + // A collection of registration count and status information for users in your tenant. + userRegistrationCounts?: UserRegistrationCount[]; +} +export interface CredentialUserRegistrationDetails extends Entity { /** - * The enrollment token type for an enrollment profile. Possible values are: default, - * corporateOwnedDedicatedDeviceWithAzureADSharedMode. + * Represents the authentication method that the user has registered. Possible values are: email, mobilePhone, + * officePhone, securityQuestion (only used for self-service password reset), appNotification, appCode, + * alternateMobilePhone (supported only in registration), fido, appPassword, unknownFutureValue. */ - enrollmentTokenType?: AndroidDeviceOwnerEnrollmentTokenType; - // Total number of AOSP devices that have enrolled using the current token. - enrollmentTokenUsageCount?: number; - // Boolean indicating if this profile is an Android AOSP for Teams device profile. - isTeamsDeviceProfile?: boolean; - // Date time the enrollment profile was last modified. - lastModifiedDateTime?: string; - // String used to generate a QR code for the token. - qrCodeContent?: NullableOption; - // String used to generate a QR code for the token. - qrCodeImage?: NullableOption; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // Date time the most recently created token was created. - tokenCreationDateTime?: string; - // Date time the most recently created token will expire. - tokenExpirationDateTime?: string; - // Value of the most recently created token for this enrollment profile. - tokenValue?: NullableOption; - // Boolean that indicates if hidden wifi networks are enabled - wifiHidden?: boolean; - // String that contains the wi-fi login password - wifiPassword?: NullableOption; - // String that contains the wi-fi security type. Possible values are: none, wpa, wep. - wifiSecurityType?: AospWifiSecurityType; - // String that contains the wi-fi login ssid - wifiSsid?: NullableOption; + authMethods?: RegistrationAuthMethod[]; + // Indicates whether the user is ready to perform self-service password reset or MFA. + isCapable?: boolean; + // Indicates whether the user enabled to perform self-service password reset. + isEnabled?: boolean; + // Indicates whether the user is registered for MFA. + isMfaRegistered?: boolean; + // Indicates whether the user has registered any authentication methods for self-service password reset. + isRegistered?: boolean; + // Provides the user name of the corresponding user. + userDisplayName?: string; + // Provides the user principal name of the corresponding user. + userPrincipalName?: string; } -export interface AndroidForWorkAppConfigurationSchema extends Entity { +export interface CrossTenantAccessPolicy extends TenantRelationshipAccessPolicyBase { /** - * UTF8 encoded byte array containing example JSON string conforming to this schema that demonstrates how to set the - * configuration for this app + * Used to specify which Microsoft clouds an organization would like to collaborate with. By default, this value is empty. + * Supported values for this field are: microsoftonline.com, microsoftonline.us, and partner.microsoftonline.cn. */ - exampleJson?: NullableOption; - // Collection of items each representing a named configuration option in the schema - schemaItems?: NullableOption; + allowedCloudEndpoints?: string[]; + // Defines the default configuration for how your organization interacts with external Microsoft Entra organizations. + default?: NullableOption; + // Defines partner-specific configurations for external Microsoft Entra organizations. + partners?: NullableOption; + // Represents the base policy in the directory for multi-tenant organization settings. + templates?: NullableOption; } -export interface AndroidForWorkEnrollmentProfile extends Entity { - // Tenant GUID the enrollment profile belongs to. - accountId?: NullableOption; - // Date time the enrollment profile was created. - createdDateTime?: string; - // Description for the enrollment profile. - description?: NullableOption; - // Display name for the enrollment profile. - displayName?: NullableOption; - // Total number of Android devices that have enrolled using this enrollment profile. - enrolledDeviceCount?: number; - // Date time the enrollment profile was last modified. - lastModifiedDateTime?: string; - // String used to generate a QR code for the token. - qrCodeContent?: NullableOption; - // String used to generate a QR code for the token. - qrCodeImage?: NullableOption; - // Date time the most recently created token will expire. - tokenExpirationDateTime?: string; - // Value of the most recently created token for this enrollment profile. - tokenValue?: NullableOption; +export interface CrossTenantAccessPolicyConfigurationDefault extends Entity { + /** + * Determines the default configuration for automatic user consent settings. The inboundAllowed and outboundAllowed + * properties are always false and can't be updated in the default configuration. Read-only. + */ + automaticUserConsentSettings?: NullableOption; + /** + * Defines your default configuration for users from other organizations accessing your resources via Microsoft Entra B2B + * collaboration. + */ + b2bCollaborationInbound?: NullableOption; + /** + * Defines your default configuration for users in your organization going outbound to access resources in another + * organization via Microsoft Entra B2B collaboration. + */ + b2bCollaborationOutbound?: NullableOption; + /** + * Defines your default configuration for users from other organizations accessing your resources via Microsoft Entra B2B + * direct connect. + */ + b2bDirectConnectInbound?: NullableOption; + /** + * Defines your default configuration for users in your organization going outbound to access resources in another + * organization via Microsoft Entra B2B direct connect. + */ + b2bDirectConnectOutbound?: NullableOption; + /** + * Determines the default configuration for trusting other Conditional Access claims from external Microsoft Entra + * organizations. + */ + inboundTrust?: NullableOption; + /** + * Defines the priority order based on which an identity provider is selected during invitation redemption for a guest + * user. + */ + invitationRedemptionIdentityProviderConfiguration?: NullableOption; + /** + * If true, the default configuration is set to the system default configuration. If false, the default settings are + * customized. + */ + isServiceDefault?: NullableOption; + /** + * Defines the default tenant restrictions configuration for your organization users accessing an external organization on + * your network or devices. + */ + tenantRestrictions?: NullableOption; } -export interface AndroidForWorkSettings extends Entity { - // Bind status of the tenant with the Google EMM API. Possible values are: notBound, bound, boundAndValidated, unbinding. - bindStatus?: AndroidForWorkBindStatus; - // Indicates if this account is flighting for Android Device Owner Management with CloudDPC. - deviceOwnerManagementEnabled?: boolean; +export interface CrossTenantAccessPolicyConfigurationPartner { /** - * Indicates which users can enroll devices in Android for Work device management. Possible values are: none, all, - * targeted, targetedAsEnrollmentRestrictions. + * Determines the partner-specific configuration for automatic user consent settings. Unless configured, the + * inboundAllowed and outboundAllowed properties are null and inherit from the default settings, which is always false. */ - enrollmentTarget?: AndroidForWorkEnrollmentTarget; - // Last completion time for app sync - lastAppSyncDateTime?: NullableOption; + automaticUserConsentSettings?: NullableOption; /** - * Last application sync result. Possible values are: success, credentialsNotValid, androidForWorkApiError, - * managementServiceError, unknownError, none. + * Defines your partner-specific configuration for users from other organizations accessing your resources via Microsoft + * Entra B2B collaboration. */ - lastAppSyncStatus?: AndroidForWorkSyncStatus; - // Last modification time for Android for Work settings - lastModifiedDateTime?: NullableOption; - // Organization name used when onboarding Android for Work - ownerOrganizationName?: NullableOption; - // Owner UPN that created the enterprise - ownerUserPrincipalName?: NullableOption; + b2bCollaborationInbound?: NullableOption; /** - * Specifies which AAD groups can enroll devices in Android for Work device management if enrollmentTarget is set to - * 'Targeted' + * Defines your partner-specific configuration for users in your organization going outbound to access resources in + * another organization via Microsoft Entra B2B collaboration. */ - targetGroupIds?: NullableOption; -} -export interface AndroidManagedStoreAccountEnterpriseSettings extends Entity { - // Company codes for AndroidManagedStoreAccountEnterpriseSettings - androidDeviceOwnerFullyManagedEnrollmentEnabled?: boolean; - // Bind status of the tenant with the Google EMM API. Possible values are: notBound, bound, boundAndValidated, unbinding. - bindStatus?: AndroidManagedStoreAccountBindStatus; - // Company codes for AndroidManagedStoreAccountEnterpriseSettings - companyCodes?: NullableOption; - // Indicates if this account is flighting for Android Device Owner Management with CloudDPC. - deviceOwnerManagementEnabled?: boolean; + b2bCollaborationOutbound?: NullableOption; /** - * Indicates which users can enroll devices in Android Enterprise device management. Possible values are: none, all, - * targeted, targetedAsEnrollmentRestrictions. + * Defines your partner-specific configuration for users from other organizations accessing your resources via Azure B2B + * direct connect. */ - enrollmentTarget?: AndroidManagedStoreAccountEnrollmentTarget; - // Last completion time for app sync - lastAppSyncDateTime?: NullableOption; + b2bDirectConnectInbound?: NullableOption; /** - * Last application sync result. Possible values are: success, credentialsNotValid, androidForWorkApiError, - * managementServiceError, unknownError, none. + * Defines your partner-specific configuration for users in your organization going outbound to access resources in + * another organization via Microsoft Entra B2B direct connect. */ - lastAppSyncStatus?: AndroidManagedStoreAccountAppSyncStatus; - // Last modification time for Android enterprise settings - lastModifiedDateTime?: NullableOption; - // Initial scope tags for MGP apps - managedGooglePlayInitialScopeTagIds?: NullableOption; - // Organization name used when onboarding Android Enterprise - ownerOrganizationName?: NullableOption; - // Owner UPN that created the enterprise - ownerUserPrincipalName?: NullableOption; + b2bDirectConnectOutbound?: NullableOption; /** - * Specifies which AAD groups can enroll devices in Android for Work device management if enrollmentTarget is set to - * 'Targeted' + * Determines the partner-specific configuration for trusting other Conditional Access claims from external Microsoft + * Entra organizations. */ - targetGroupIds?: NullableOption; -} -export interface AndroidManagedStoreAppConfigurationSchema extends Entity { + inboundTrust?: NullableOption; + // Identifies whether a tenant is a member of a multitenant organization. + isInMultiTenantOrganization?: NullableOption; + // Identifies whether the partner-specific configuration is a Cloud Service Provider for your organization. + isServiceProvider?: NullableOption; + // The tenant identifier for the partner Microsoft Entra organization. Read-only. Key. + tenantId?: string; /** - * UTF8 encoded byte array containing example JSON string conforming to this schema that demonstrates how to set the - * configuration for this app + * Defines the partner-specific tenant restrictions configuration for your organization users accessing a partner + * organization using partner supplied identities on your network or devices. */ - exampleJson?: NullableOption; + tenantRestrictions?: NullableOption; /** - * Collection of items each representing a named configuration option in the schema. It contains a flat list of all - * configuration. + * Defines the cross-tenant policy for the synchronization of users from a partner tenant. Use this user synchronization + * policy to streamline collaboration between users in a multitenant organization by automating the creation, update, and + * deletion of users from one tenant to another. */ - nestedSchemaItems?: NullableOption; + identitySynchronization?: NullableOption; +} +export interface CrossTenantIdentitySyncPolicyPartner { /** - * Collection of items each representing a named configuration option in the schema. It only contains the root-level - * configuration. + * Display name for the cross-tenant user synchronization policy. Use the name of the partner Microsoft Entra tenant to + * easily identify the policy. Optional. */ - schemaItems?: NullableOption; + displayName?: NullableOption; + // Tenant identifier for the partner Microsoft Entra organization. Read-only. + tenantId?: string; + // Defines whether users can be synchronized from the partner tenant. Key. + userSyncInbound?: NullableOption; } -export interface AuditEvent extends Entity { - // Friendly name of the activity. - activity?: NullableOption; - // The date time in UTC when the activity was performed. - activityDateTime?: string; - // The HTTP operation type of the activity. - activityOperationType?: NullableOption; - // The result of the activity. - activityResult?: NullableOption; - // The type of activity that was being performed. - activityType?: NullableOption; - // AAD user and application that are associated with the audit event. - actor?: NullableOption; - // Audit category. - category?: NullableOption; - // Component name. - componentName?: NullableOption; - // The client request Id that is used to correlate activity within the system. - correlationId?: string; - // Event display name. +export interface Currency { + amountDecimalPlaces?: NullableOption; + amountRoundingPrecision?: NullableOption; + code?: NullableOption; displayName?: NullableOption; - // Resources being modified. - resources?: NullableOption; + id?: string; + lastModifiedDateTime?: NullableOption; + symbol?: NullableOption; } -export interface DeviceAndAppManagementAssignmentFilter extends Entity { - /** - * Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default - * filter will be applied to 'devices'. Possible values are: devices, apps, unknownFutureValue. - */ - assignmentFilterManagementType?: AssignmentFilterManagementType; +export interface CustomAccessPackageWorkflowExtension extends CustomCalloutExtension { /** - * The creation time of the assignment filter. The value cannot be modified and is automatically populated during new - * assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always - * in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. + * Represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan + * 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - createdDateTime?: string; - // Optional description of the Assignment Filter. - description?: NullableOption; - // The name of the Assignment Filter. - displayName?: string; + createdDateTime?: NullableOption; /** - * Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 - * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' + * Represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan + * 1, 2014 is 2014-01-01T00:00:00Z. Read-only. */ - lastModifiedDateTime?: string; - // Indicates associated assignments for a specific filter. - payloads?: NullableOption; + lastModifiedDateTime?: NullableOption; +} +export interface CustomAppScope extends AppScope { + // An open dictionary type that holds workload-specific properties for the scope object. + customAttributes?: CustomAppScopeAttributesDictionary; +} +// tslint:disable-next-line: no-empty-interface +export interface CustomAuthenticationExtension extends CustomCalloutExtension {} +export interface CustomCalloutExtension extends Entity { + // Configuration for securing the API call to the logic app. For example, using OAuth client credentials flow. + authenticationConfiguration?: NullableOption; /** - * Indicates filter is applied to which flatform. Possible values are - * android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, - * androidAOSP,androidMobileApplicationManagement, iOSMobileApplicationManagement. Default filter will be applied to - * 'unknown'. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, windows81AndLater, - * windows10AndLater, androidWorkProfile, unknown, androidAOSP, androidMobileApplicationManagement, - * iOSMobileApplicationManagement, unknownFutureValue. + * HTTP connection settings that define how long Microsoft Entra ID can wait for a connection to a logic app, how many + * times you can retry a timed-out connection and the exception scenarios when retries are allowed. */ - platform?: DevicePlatformType; - // Indicates role scope tags assigned for the assignment filter. - roleScopeTags?: NullableOption; - // Rule definition of the assignment filter. - rule?: string; + clientConfiguration?: NullableOption; + // Description for the customCalloutExtension object. + description?: NullableOption; + // Display name for the customCalloutExtension object. + displayName?: NullableOption; + // The type and details for configuring the endpoint to call the logic app's workflow. + endpointConfiguration?: NullableOption; } -export interface ChromeOSOnboardingSettings extends Entity { - // The ChromebookTenant's LastDirectorySyncDateTime - lastDirectorySyncDateTime?: NullableOption; - // The ChromebookTenant's LastModifiedDateTime - lastModifiedDateTime?: string; +export interface Customer { + address?: NullableOption; + blocked?: NullableOption; + currencyCode?: NullableOption; + currencyId?: NullableOption; + displayName?: NullableOption; + email?: NullableOption; + id?: string; + lastModifiedDateTime?: NullableOption; + number?: NullableOption; + paymentMethodId?: NullableOption; + paymentTermsId?: NullableOption; + phoneNumber?: NullableOption; + shipmentMethodId?: NullableOption; + taxAreaDisplayName?: NullableOption; + taxAreaId?: NullableOption; + taxLiable?: NullableOption; + taxRegistrationNumber?: NullableOption; + type?: NullableOption; + website?: NullableOption; + currency?: NullableOption; + paymentMethod?: NullableOption; + paymentTerm?: NullableOption; + picture?: NullableOption; + shipmentMethod?: NullableOption; +} +export interface CustomerPayment { + amount?: NullableOption; + appliesToInvoiceId?: NullableOption; + appliesToInvoiceNumber?: NullableOption; + comment?: NullableOption; + contactId?: NullableOption; + customerId?: NullableOption; + customerNumber?: NullableOption; + description?: NullableOption; + documentNumber?: NullableOption; + externalDocumentNumber?: NullableOption; + id?: string; + journalDisplayName?: NullableOption; + lastModifiedDateTime?: NullableOption; + lineNumber?: NullableOption; + postingDate?: NullableOption; + customer?: NullableOption; +} +export interface CustomerPaymentJournal { + balancingAccountId?: NullableOption; + balancingAccountNumber?: NullableOption; + code?: NullableOption; + displayName?: NullableOption; + id?: string; + lastModifiedDateTime?: NullableOption; + account?: NullableOption; + customerPayments?: NullableOption; +} +export interface CustomExtensionHandler extends Entity { /** - * The ChromebookTenant's OnboardingStatus. Possible values are: unknown, inprogress, onboarded, failed, offboarding, - * unknownFutureValue. + * Indicates the stage of the access package assignment request workflow when the access package custom extension runs. + * The possible values are: assignmentRequestCreated, assignmentRequestApproved, assignmentRequestGranted, + * assignmentRequestRemoved, assignmentFourteenDaysBeforeExpiration, assignmentOneDayBeforeExpiration, unknownFutureValue. */ - onboardingStatus?: OnboardingStatus; - // The ChromebookTenant's OwnerUserPrincipalName - ownerUserPrincipalName?: NullableOption; + stage?: NullableOption; + // Indicates which custom workflow extension is executed at this stage. Nullable. Supports $expand. + customExtension?: NullableOption; } -export interface TermsAndConditions extends Entity { +export interface CustomExtensionStageSetting extends Entity { /** - * Administrator-supplied explanation of the terms and conditions, typically describing what it means to accept the terms - * and conditions set out in the T&C policy. This is shown to the user on prompts to accept the T&C policy. + * Indicates the stage of the access package assignment request workflow when the access package custom extension runs. + * The possible values are: assignmentRequestCreated, assignmentRequestApproved, assignmentRequestGranted, + * assignmentRequestRemoved, assignmentFourteenDaysBeforeExpiration, assignmentOneDayBeforeExpiration, unknownFutureValue. */ - acceptanceStatement?: NullableOption; + stage?: AccessPackageCustomExtensionStage; + // Indicates the custom workflow extension that is executed at this stage. Nullable. Supports $expand. + customExtension?: NullableOption; +} +export interface CustomSecurityAttributeAudit extends Entity { + activityDateTime?: string; + activityDisplayName?: string; + additionalDetails?: NullableOption; + category?: string; + correlationId?: NullableOption; + initiatedBy?: AuditActivityInitiator; + loggedByService?: NullableOption; + operationType?: NullableOption; + result?: NullableOption; + resultReason?: NullableOption; + targetResources?: NullableOption; + userAgent?: NullableOption; +} +export interface CustomSecurityAttributeDefinition extends Entity { + // Name of the attribute set. Case insensitive. + attributeSet?: string; /** - * Administrator-supplied body text of the terms and conditions, typically the terms themselves. This is shown to the user - * on prompts to accept the T&C policy. + * Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Can be + * changed later. */ - bodyText?: NullableOption; - // DateTime the object was created. - createdDateTime?: string; - // Administrator-supplied description of the T&C policy. description?: NullableOption; - // Administrator-supplied name for the T&C policy. - displayName?: string; - // DateTime the object was last modified. - lastModifiedDateTime?: string; - // DateTime the object was last modified. - modifiedDateTime?: string; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; /** - * Administrator-supplied title of the terms and conditions. This is shown to the user on prompts to accept the T&C - * policy. + * Indicates whether multiple values can be assigned to the custom security attribute. Cannot be changed later. If type is + * set to Boolean, isCollection cannot be set to true. */ - title?: NullableOption; + isCollection?: boolean; /** - * Integer indicating the current version of the terms. Incremented when an administrator makes a change to the terms and - * wishes to require users to re-accept the modified T&C policy. + * Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute + * values. Cannot be changed later. */ - version?: number; - // The list of acceptance statuses for this T&C policy. - acceptanceStatuses?: NullableOption; - // The list of assignments for this T&C policy. - assignments?: NullableOption; - // The list of group assignments for this T&C policy. - groupAssignments?: NullableOption; -} -export interface ServiceNowConnection extends Entity { + isSearchable?: NullableOption; /** - * Indicates the method used by Intune to authenticate with ServiceNow. Currently supports only web authentication with - * ServiceNow using the specified app id. + * Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and + * include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive. */ - authenticationMethod?: NullableOption; + name?: string; /** - * Date Time when connection properties were created. The value cannot be modified and is automatically populated when the - * connection properties were entered. + * Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and + * Deprecated. Can be changed later. */ - createdDateTime?: NullableOption; + status?: string; /** - * Indicates the ServiceNow incident API URL that Intune will use the fetch incidents. Saved in the format of - * /api/now/table/incident + * Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Cannot be + * changed later. */ - incidentApiUrl?: NullableOption; + type?: string; /** - * Indicates the ServiceNow instance URL that Intune will connect to. Saved in the format of - * https://<instance>.service-now.com + * Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form + * values are allowed. Can later be changed from true to false, but cannot be changed from false to true. If type is set + * to Boolean, usePreDefinedValuesOnly cannot be set to true. */ - instanceUrl?: NullableOption; + usePreDefinedValuesOnly?: NullableOption; /** - * Date Time when connection properties were last updated. The value cannot be modified and is automatically populated - * when the connection properties were updated. + * Values that are predefined for this custom security attribute. This navigation property is not returned by default and + * must be specified in an $expand query. For example, + * /directory/customSecurityAttributeDefinitions?$expand=allowedValues. */ - lastModifiedDateTime?: NullableOption; - // Date Time when incidents from ServiceNow were last queried - lastQueriedDateTime?: NullableOption; - // Status of the ServiceNow Connection based on user's selection. Possible value could be disabled or enabled. - serviceNowConnectionStatus?: ServiceNowConnectionStatus; -} -export interface AdvancedThreatProtectionOnboardingStateSummary extends Entity { - // Number of compliant devices - compliantDeviceCount?: number; - // Number of conflict devices - conflictDeviceCount?: number; - // Number of error devices - errorDeviceCount?: number; - // Number of NonCompliant devices - nonCompliantDeviceCount?: number; - // Number of not applicable devices - notApplicableDeviceCount?: number; - // Number of not assigned devices - notAssignedDeviceCount?: number; - // Number of remediated devices - remediatedDeviceCount?: number; - // Number of unknown devices - unknownDeviceCount?: number; - advancedThreatProtectionOnboardingDeviceSettingStates?: NullableOption; -} -export interface CartToClassAssociation extends Entity { - // Identifiers of classrooms to be associated with device carts. - classroomIds?: NullableOption; - // DateTime the object was created. - createdDateTime?: string; - // Admin provided description of the CartToClassAssociation. - description?: NullableOption; - // Identifiers of device carts to be associated with classes. - deviceCartIds?: NullableOption; - // Admin provided name of the device configuration. - displayName?: NullableOption; - // DateTime the object was last modified. - lastModifiedDateTime?: string; - // Version of the CartToClassAssociation. - version?: number; -} -export interface DeviceCompliancePolicy extends Entity { - // DateTime the object was created. - createdDateTime?: string; - // Admin provided description of the Device Configuration. - description?: NullableOption; - // Admin provided name of the device configuration. - displayName?: string; - // DateTime the object was last modified. - lastModifiedDateTime?: string; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // Version of the device configuration. - version?: number; - // The collection of assignments for this compliance policy. - assignments?: NullableOption; - // Compliance Setting State Device Summary - deviceSettingStateSummaries?: NullableOption; - // List of DeviceComplianceDeviceStatus. - deviceStatuses?: NullableOption; - // Device compliance devices status overview - deviceStatusOverview?: NullableOption; - // The list of scheduled action for this rule - scheduledActionsForRule?: NullableOption; - // List of DeviceComplianceUserStatus. - userStatuses?: NullableOption; - // Device compliance users status overview - userStatusOverview?: NullableOption; + allowedValues?: NullableOption; } -export interface DeviceCompliancePolicyDeviceStateSummary extends Entity { - // Number of compliant devices - compliantDeviceCount?: number; - // Number of devices that have compliance managed by System Center Configuration Manager - configManagerCount?: number; - // Number of conflict devices - conflictDeviceCount?: number; - // Number of error devices - errorDeviceCount?: number; - // Number of devices that are in grace period - inGracePeriodCount?: number; - // Number of NonCompliant devices - nonCompliantDeviceCount?: number; - // Number of not applicable devices - notApplicableDeviceCount?: number; - // Number of remediated devices - remediatedDeviceCount?: number; - // Number of unknown devices - unknownDeviceCount?: number; +export interface DailyInactiveUsersByApplicationMetric extends InactiveUsersByApplicationMetricBase { + inactive1DayCount?: NullableOption; } -export interface DeviceCompliancePolicySettingStateSummary extends Entity { - // Number of compliant devices - compliantDeviceCount?: number; - // Number of conflict devices - conflictDeviceCount?: number; - // Number of error devices - errorDeviceCount?: number; - // Number of NonCompliant devices - nonCompliantDeviceCount?: number; - // Number of not applicable devices - notApplicableDeviceCount?: number; - /** - * Setting platform. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, windows81AndLater, - * windows10AndLater, androidWorkProfile, windows10XProfile, androidAOSP, all. - */ - platformType?: PolicyPlatformType; - // Number of remediated devices - remediatedDeviceCount?: number; - // The setting class name and property name. - setting?: NullableOption; - // Name of the setting. - settingName?: NullableOption; - // Number of unknown devices - unknownDeviceCount?: number; - deviceComplianceSettingStates?: NullableOption; +export interface DailyInactiveUsersMetric extends InactiveUsersMetricBase { + inactive1DayCount?: NullableOption; } -export interface DeviceConfigurationConflictSummary extends Entity { - // The set of policies in conflict with the given setting - conflictingDeviceConfigurations?: NullableOption; - // The set of settings in conflict with the given policies - contributingSettings?: NullableOption; - // The count of checkins impacted by the conflicting policies and settings - deviceCheckinsImpacted?: number; +export interface DailyUserInsightMetricsRoot extends Entity { + // Insights for active users on apps registered in the tenant for a specified period. + activeUsers?: NullableOption; + activeUsersBreakdown?: NullableOption; + // Insights for authentications on apps registered in the tenant for a specified period. + authentications?: NullableOption; + inactiveUsers?: NullableOption; + inactiveUsersByApplication?: NullableOption; + // Insights for MFA usage on apps registered in the tenant for a specified period. + mfaCompletions?: NullableOption; + // Total sign-ups on apps registered in the tenant for a specified period. + signUps?: NullableOption; + // Summary of all usage insights on apps registered in the tenant for a specified period. + summary?: NullableOption; + // Insights for total users on apps registered in the tenant for a specified period. + userCount?: NullableOption; } -export interface DeviceConfigurationDeviceStateSummary extends Entity { - // Number of compliant devices - compliantDeviceCount?: number; - // Number of conflict devices - conflictDeviceCount?: number; - // Number of error devices - errorDeviceCount?: number; - // Number of NonCompliant devices - nonCompliantDeviceCount?: number; - // Number of not applicable devices - notApplicableDeviceCount?: number; - // Number of remediated devices - remediatedDeviceCount?: number; - // Number of unknown devices - unknownDeviceCount?: number; +export interface DataClassificationService extends Entity { + classifyFileJobs?: NullableOption; + classifyTextJobs?: NullableOption; + evaluateDlpPoliciesJobs?: NullableOption; + evaluateLabelJobs?: NullableOption; + exactMatchDataStores?: NullableOption; + exactMatchUploadAgents?: NullableOption; + jobs?: NullableOption; + sensitiveTypes?: NullableOption; + sensitivityLabels?: NullableOption; } -export interface RestrictedAppsViolation extends Entity { - // Device configuration profile unique identifier, must be Guid - deviceConfigurationId?: string; - // Device configuration profile name - deviceConfigurationName?: NullableOption; - // Device name - deviceName?: NullableOption; - // Managed device unique identifier, must be Guid - managedDeviceId?: string; +export interface DataCollectionInfo extends Entity { /** - * Platform type. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, windows81AndLater, - * windows10AndLater, androidWorkProfile, windows10XProfile, androidAOSP, all. + * Represents the details and status of data collection about permissions assigned to an identity in the authorization + * system. Read-only. */ - platformType?: PolicyPlatformType; - // List of violated restricted apps - restrictedApps?: ManagedDeviceReportedApp[]; - // Restricted apps state. Possible values are: prohibitedApps, notApprovedApps. - restrictedAppsState?: RestrictedAppsState; - // User unique identifier, must be Guid - userId?: string; - // User name - userName?: NullableOption; + entitlements?: EntitlementsDataCollectionInfo; } -export interface DeviceConfiguration extends Entity { - // DateTime the object was created. - createdDateTime?: string; - // Admin provided description of the Device Configuration. - description?: NullableOption; - // The device mode applicability rule for this Policy. - deviceManagementApplicabilityRuleDeviceMode?: NullableOption; - // The OS edition applicability for this Policy. - deviceManagementApplicabilityRuleOsEdition?: NullableOption; - // The OS version applicability rule for this Policy. - deviceManagementApplicabilityRuleOsVersion?: NullableOption; - // Admin provided name of the device configuration. - displayName?: string; - // DateTime the object was last modified. - lastModifiedDateTime?: string; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; +export interface DataLossPreventionPolicy extends Entity { + name?: NullableOption; +} +export interface DataPolicyOperation extends Entity { /** - * Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the - * ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This - * occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the - * Azure Portal. This property is read-only. + * Represents when the request for this data policy operation was completed, in UTC time, using the ISO 8601 format. For + * example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Null until the operation completes. */ - supportsScopeTags?: boolean; - // Version of the device configuration. - version?: number; - // The list of assignments for the device configuration profile. - assignments?: NullableOption; - // Device Configuration Setting State Device Summary - deviceSettingStateSummaries?: NullableOption; - // Device configuration installation status by device. - deviceStatuses?: NullableOption; - // Device Configuration devices status overview - deviceStatusOverview?: NullableOption; - // The list of group assignments for the device configuration profile. - groupAssignments?: NullableOption; - // Device configuration installation status by user. - userStatuses?: NullableOption; - // Device Configuration users status overview - userStatusOverview?: NullableOption; -} -export interface ManagedAllDeviceCertificateState extends Entity { - // Certificate expiry date - certificateExpirationDateTime?: string; - // Enhanced Key Usage - certificateExtendedKeyUsages?: NullableOption; - // Issuance date - certificateIssuanceDateTime?: string; - // Issuer - certificateIssuerName?: NullableOption; - // Key Usage - certificateKeyUsages?: NullableOption; - // Revoke status. Possible values are: none, pending, issued, failed, revoked. - certificateRevokeStatus?: CertificateRevocationStatus; - // The time the revoke status was last changed - certificateRevokeStatusLastChangeDateTime?: string; - // Serial number - certificateSerialNumber?: NullableOption; - // Certificate subject name - certificateSubjectName?: NullableOption; - // Thumbprint - certificateThumbprint?: NullableOption; - // Device display name - managedDeviceDisplayName?: NullableOption; - // User principal name - userPrincipalName?: NullableOption; + completedDateTime?: NullableOption; + // Specifies the progress of an operation. + progress?: number; + // Possible values are: notStarted, running, complete, failed, unknownFutureValue. + status?: NullableOption; + // The URL location to where data is being exported for export requests. + storageLocation?: NullableOption; + /** + * Represents when the request for this data operation was submitted, in UTC time, using the ISO 8601 format. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z + */ + submittedDateTime?: string; + // The id for the user on whom the operation is performed. + userId?: string; } -export interface DeviceConfigurationUserStateSummary extends Entity { - // Number of compliant users - compliantUserCount?: number; - // Number of conflict users - conflictUserCount?: number; - // Number of error users - errorUserCount?: number; - // Number of NonCompliant users - nonCompliantUserCount?: number; - // Number of not applicable users - notApplicableUserCount?: number; - // Number of remediated users - remediatedUserCount?: number; - // Number of unknown users - unknownUserCount?: number; +export interface DataSharingConsent extends Entity { + // The time consent was granted for this account + grantDateTime?: string; + // The granted state for the data sharing consent + granted?: boolean; + // The Upn of the user that granted consent for this account + grantedByUpn?: NullableOption; + // The UserId of the user that granted consent for this account + grantedByUserId?: NullableOption; + // The display name of the service work flow + serviceDisplayName?: NullableOption; + // The TermsUrl for the data sharing consent + termsUrl?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface IosUpdateDeviceStatus extends Entity { - // The DateTime when device compliance grace period expires - complianceGracePeriodExpirationDateTime?: string; - // Device name of the DevicePolicyStatus. - deviceDisplayName?: NullableOption; - // The device id that is being reported. - deviceId?: NullableOption; - // The device model that is being reported - deviceModel?: NullableOption; +export interface DayNote extends ChangeTrackedEntity { + // The date of the day note. + dayNoteDate?: NullableOption; + // The draft version of this day note that is viewable by managers. Only contentType text is supported. + draftDayNote?: NullableOption; /** - * The installation status of the policy report. Possible values are: success, available, idle, unknown, mdmClientCrashed, - * timeout, downloading, downloadFailed, downloadRequiresComputer, downloadInsufficientSpace, downloadInsufficientPower, - * downloadInsufficientNetwork, installing, installInsufficientSpace, installInsufficientPower, - * installPhoneCallInProgress, installFailed, notSupportedOperation, sharedDeviceUserLoggedInError, updateError, - * deviceOsHigherThanDesiredOsVersion, updateScanFailed. + * The shared version of this day note that is viewable by both employees and managers. Only contentType text is + * supported. */ - installStatus?: IosUpdatesInstallStatus; - // Last modified date time of the policy report. - lastReportedDateTime?: string; - // The device version that is being reported. - osVersion?: NullableOption; - // Platform of the device that is being reported - platform?: number; + sharedDayNote?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface DefaultDeviceCompliancePolicy extends DeviceCompliancePolicy {} +export interface DefaultManagedAppProtection extends ManagedAppProtection { + // Semicolon seperated list of device manufacturers allowed, as a string, for the managed app to work. (Android only) + allowedAndroidDeviceManufacturers?: NullableOption; + // List of device models allowed, as a string, for the managed app to work. (Android Only) + allowedAndroidDeviceModels?: NullableOption; + // Semicolon seperated list of device models allowed, as a string, for the managed app to work. (iOS Only) + allowedIosDeviceModels?: NullableOption; /** - * Compliance status of the policy report. Possible values are: unknown, notApplicable, compliant, remediated, - * nonCompliant, error, conflict, notAssigned. + * Defines a managed app behavior, either block or warn, if the user is clocked out (non-working time). Possible values + * are: block, wipe, warn. */ - status?: ComplianceStatus; - // The User id that is being reported. - userId?: NullableOption; - // The User Name that is being reported - userName?: NullableOption; - // UserPrincipalName. - userPrincipalName?: NullableOption; -} -export interface MacOSSoftwareUpdateAccountSummary extends Entity { - // The device ID. - deviceId?: NullableOption; - // The device name. - deviceName?: NullableOption; - // The name of the report - displayName?: string; - // Number of failed updates on the device. - failedUpdateCount?: number; - // Last date time the report for this device was updated. - lastUpdatedDateTime?: string; - // The OS version. - osVersion?: NullableOption; - // Number of successful updates on the device. - successfulUpdateCount?: number; - // Number of total updates on the device. - totalUpdateCount?: number; - // The user ID. - userId?: NullableOption; - // The user principal name - userPrincipalName?: NullableOption; - // Summary of the updates by category. - categorySummaries?: NullableOption; -} -export interface ManagedDeviceEncryptionState extends Entity { + appActionIfAccountIsClockedOut?: NullableOption; /** - * Advanced BitLocker State. Possible values are: success, noUserConsent, osVolumeUnprotected, osVolumeTpmRequired, - * osVolumeTpmOnlyRequired, osVolumeTpmPinRequired, osVolumeTpmStartupKeyRequired, osVolumeTpmPinStartupKeyRequired, - * osVolumeEncryptionMethodMismatch, recoveryKeyBackupFailed, fixedDriveNotEncrypted, fixedDriveEncryptionMethodMismatch, - * loggedOnUserNonAdmin, windowsRecoveryEnvironmentNotConfigured, tpmNotAvailable, tpmNotReady, networkError. + * Defines a managed app behavior, either block or wipe, if the specified device manufacturer is not allowed. (Android + * only). Possible values are: block, wipe, warn. */ - advancedBitLockerStates?: NullableOption; - // Device name - deviceName?: NullableOption; + appActionIfAndroidDeviceManufacturerNotAllowed?: ManagedAppRemediationAction; /** - * Platform of the device. Possible values are: desktop, windowsRT, winMO6, nokia, windowsPhone, mac, winCE, winEmbedded, - * iPhone, iPad, iPod, android, iSocConsumer, unix, macMDM, holoLens, surfaceHub, androidForWork, androidEnterprise, - * blackberry, palm, unknown. + * Defines a managed app behavior, either block or wipe, if the specified device model is not allowed. (Android Only). + * Possible values are: block, wipe, warn. */ - deviceType?: DeviceTypes; + appActionIfAndroidDeviceModelNotAllowed?: ManagedAppRemediationAction; /** - * Encryption policy setting state. Possible values are: unknown, notApplicable, compliant, remediated, nonCompliant, - * error, conflict, notAssigned. + * Defines a managed app behavior, either warn or block, if the specified Android App Verification requirement fails. + * Possible values are: block, wipe, warn. */ - encryptionPolicySettingState?: ComplianceStatus; - // Encryption readiness state. Possible values are: notReady, ready. - encryptionReadinessState?: EncryptionReadinessState; - // Device encryption state. Possible values are: notEncrypted, encrypted. - encryptionState?: EncryptionState; - // FileVault State. Possible values are: success, driveEncryptedByUser, userDeferredEncryption, escrowNotEnabled. - fileVaultStates?: NullableOption; - // Operating system version of the device - osVersion?: NullableOption; - // Policy Details - policyDetails?: NullableOption; - // Device TPM Version - tpmSpecificationVersion?: NullableOption; - // User name - userPrincipalName?: NullableOption; -} -export interface NdesConnector extends Entity { - // The build version of the Ndes Connector. - connectorVersion?: NullableOption; - // The friendly name of the Ndes Connector. - displayName?: NullableOption; - // Timestamp when on-prem certificate connector was enrolled in Intune. - enrolledDateTime?: string; - // Last connection time for the Ndes Connector - lastConnectionDateTime?: string; - // Name of the machine running on-prem certificate connector service. - machineName?: NullableOption; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // Ndes Connector Status. Possible values are: none, active, inactive. - state?: NdesConnectorState; -} -export interface SoftwareUpdateStatusSummary extends Entity { - // Number of compliant devices. - compliantDeviceCount?: number; - // Number of compliant users. - compliantUserCount?: number; - // Number of conflict devices. - conflictDeviceCount?: number; - // Number of conflict users. - conflictUserCount?: number; - // The name of the policy. - displayName?: NullableOption; - // Number of devices had error. - errorDeviceCount?: number; - // Number of users had error. - errorUserCount?: number; - // Number of non compliant devices. - nonCompliantDeviceCount?: number; - // Number of non compliant users. - nonCompliantUserCount?: number; - // Number of not applicable devices. - notApplicableDeviceCount?: number; - // Number of not applicable users. - notApplicableUserCount?: number; - // Number of remediated devices. - remediatedDeviceCount?: number; - // Number of remediated users. - remediatedUserCount?: number; - // Number of unknown devices. - unknownDeviceCount?: number; - // Number of unknown users. - unknownUserCount?: number; -} -export interface DeviceManagementConfigurationCategory extends Entity { - // Description of the category header in policy summary. - categoryDescription?: NullableOption; - // List of child ids of the category. - childCategoryIds?: NullableOption; - // Description of the category. For example: Display - description?: NullableOption; - // Name of the category. For example: Device Lock - displayName?: NullableOption; - // Help text of the category. Give more details of the category. - helpText?: NullableOption; - // Name of the item - name?: NullableOption; - // Direct parent id of the category. If the category is the root, the parent id is same as its id. - parentCategoryId?: NullableOption; + appActionIfAndroidSafetyNetAppsVerificationFailed?: ManagedAppRemediationAction; /** - * Platforms types, which settings in the category have. Possible values are: none. android, androidEnterprise, iOs, - * macOs, windows10X, windows10, aosp, and linux. If this property is not set, or set to none, returns categories in all - * platforms. Supports: $filters, $select. Read-only. Possible values are: none, android, iOS, macOS, windows10X, - * windows10, linux, unknownFutureValue. + * Defines a managed app behavior, either warn or block, if the specified Android SafetyNet Attestation requirement fails. + * Possible values are: block, wipe, warn. */ - platforms?: DeviceManagementConfigurationPlatforms; - // Root id of the category. - rootCategoryId?: NullableOption; + appActionIfAndroidSafetyNetDeviceAttestationFailed?: ManagedAppRemediationAction; /** - * Indicates that the category contains settings that are used for compliance, configuration, or reusable settings. - * Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. - * Read-only. Possible values are: none, configuration, compliance, unknownFutureValue. + * Defines a managed app behavior, either warn, block or wipe, if the screen lock is required on device but is not set. + * (android only). Possible values are: block, wipe, warn. */ - settingUsage?: DeviceManagementConfigurationSettingUsage; + appActionIfDeviceLockNotSet?: ManagedAppRemediationAction; /** - * Technologies types, which settings in the category have. Possible values are: none, mdm, configManager, - * intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, - * linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. If this property is not set, or set to none, returns - * categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: none, mdm, - * windows10XManagement, configManager, appleRemoteManagement, microsoftSense, exchangeOnline, - * mobileApplicationManagement, linuxMdm, enrollment, endpointPrivilegeManagement, unknownFutureValue. + * If the device does not have a passcode of high complexity or higher, trigger the stored action. Possible values are: + * block, wipe, warn. */ - technologies?: DeviceManagementConfigurationTechnologies; -} -export interface DeviceManagementCompliancePolicy extends Entity { - // Policy creation date and time. This property is read-only. - createdDateTime?: string; - // Policy creation source - creationSource?: NullableOption; - // Policy description - description?: NullableOption; - // Policy assignment status. This property is read-only. - isAssigned?: boolean; - // Policy last modification date and time. This property is read-only. - lastModifiedDateTime?: string; - // Policy name - name?: NullableOption; + appActionIfDevicePasscodeComplexityLessThanHigh?: NullableOption; /** - * Platforms for this policy. Possible values are: none, android, iOS, macOS, windows10X, windows10, linux, - * unknownFutureValue. + * If the device does not have a passcode of low complexity or higher, trigger the stored action. Possible values are: + * block, wipe, warn. */ - platforms?: DeviceManagementConfigurationPlatforms; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // Number of settings. This property is read-only. - settingCount?: number; + appActionIfDevicePasscodeComplexityLessThanLow?: NullableOption; /** - * Technologies for this policy. Possible values are: none, mdm, windows10XManagement, configManager, - * appleRemoteManagement, microsoftSense, exchangeOnline, mobileApplicationManagement, linuxMdm, enrollment, - * endpointPrivilegeManagement, unknownFutureValue. + * If the device does not have a passcode of medium complexity or higher, trigger the stored action. Possible values are: + * block, wipe, warn. */ - technologies?: DeviceManagementConfigurationTechnologies; - // Policy assignments - assignments?: NullableOption; - // The list of scheduled action for this rule - scheduledActionsForRule?: NullableOption; - // Policy settings - settings?: NullableOption; -} -export interface DeviceManagementConfigurationSettingDefinition extends Entity { - // Read/write access mode of the setting. Possible values are: none, add, copy, delete, get, replace, execute. - accessTypes?: DeviceManagementConfigurationSettingAccessTypes; - // Details which device setting is applicable on. Supports: $filters. - applicability?: NullableOption; - // Base CSP Path - baseUri?: NullableOption; - // Specify category in which the setting is under. Support $filters. - categoryId?: NullableOption; - // Description of the setting. - description?: NullableOption; - // Name of the setting. For example: Allow Toast. - displayName?: NullableOption; - // Help text of the setting. Give more details of the setting. - helpText?: NullableOption; - // List of links more info for the setting can be found at. - infoUrls?: NullableOption; - // Tokens which to search settings on - keywords?: NullableOption; - // Name of the item - name?: NullableOption; - // Indicates whether the setting is required or not - occurrence?: NullableOption; - // Offset CSP Path from Base - offsetUri?: NullableOption; - // List of referred setting information. - referredSettingInformationList?: NullableOption; - // Root setting definition id if the setting is a child setting. - rootDefinitionId?: NullableOption; + appActionIfDevicePasscodeComplexityLessThanMedium?: NullableOption; /** - * Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting - * usage has separate API end-point to call. Possible values are: none, configuration, compliance, unknownFutureValue. + * Defines a managed app behavior, either block or wipe, if the specified device model is not allowed. (iOS Only). + * Possible values are: block, wipe, warn. */ - settingUsage?: DeviceManagementConfigurationSettingUsage; + appActionIfIosDeviceModelNotAllowed?: ManagedAppRemediationAction; /** - * Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, - * toggle, multiheaderGrid, contextPane. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, - * multiheaderGrid, contextPane, unknownFutureValue. + * Type of encryption which should be used for data in a managed app. (iOS Only). Possible values are: useDeviceSettings, + * afterDeviceRestart, whenDeviceLockedExceptOpenFiles, whenDeviceLocked. */ - uxBehavior?: DeviceManagementConfigurationControlType; - // Item Version - version?: NullableOption; + appDataEncryptionType?: ManagedAppDataEncryptionType; /** - * Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Possible values are: none, - * settingsCatalog, template, unknownFutureValue. + * Indicates whether use of the biometric authentication is allowed in place of a pin if PinRequired is set to True. + * (Android Only) */ - visibility?: DeviceManagementConfigurationSettingVisibility; -} -export interface DeviceManagementConfigurationPolicy extends Entity { - // Policy creation date and time - createdDateTime?: string; - // Policy creation source - creationSource?: NullableOption; - // Policy description - description?: NullableOption; - // Policy assignment status. This property is read-only. - isAssigned?: boolean; - // Policy last modification date and time - lastModifiedDateTime?: string; - // Policy name - name?: NullableOption; + biometricAuthenticationBlocked?: boolean; + // Maximum number of days Company Portal update can be deferred on the device or app access will be blocked. + blockAfterCompanyPortalUpdateDeferralInDays?: number; + // Whether the app should connect to the configured VPN on launch (Android only). + connectToVpnOnLaunch?: boolean; + // Friendly name of the preferred custom browser to open weblink on Android. (Android only) + customBrowserDisplayName?: NullableOption; + // Unique identifier of a custom browser to open weblink on Android. (Android only) + customBrowserPackageId?: NullableOption; + // A custom browser protocol to open weblink on iOS. (iOS only) + customBrowserProtocol?: NullableOption; + // Friendly name of a custom dialer app to click-to-open a phone number on Android. + customDialerAppDisplayName?: NullableOption; + // PackageId of a custom dialer app to click-to-open a phone number on Android. + customDialerAppPackageId?: NullableOption; + // Protocol of a custom dialer app to click-to-open a phone number on iOS, for example, skype:. + customDialerAppProtocol?: NullableOption; + // A set of string key and string value pairs to be sent to the affected users, unalterned by this service + customSettings?: KeyValuePair[]; + // Count of apps to which the current policy is deployed. + deployedAppCount?: number; + // Defines if any kind of lock must be required on device. (android only) + deviceLockRequired?: boolean; + // When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android only) + disableAppEncryptionIfDeviceEncryptionIsEnabled?: boolean; /** - * Platforms for this policy. Possible values are: none, android, iOS, macOS, windows10X, windows10, linux, - * unknownFutureValue. + * Disable protection of data transferred to other apps through IOS OpenIn option. This setting is only allowed to be True + * when AllowedOutboundDataTransferDestinations is set to ManagedApps. (iOS Only) */ - platforms?: DeviceManagementConfigurationPlatforms; - // Indicates the priority of each policies that are selected by the admin during enrollment process - priorityMetaData?: NullableOption; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // Number of settings - settingCount?: number; + disableProtectionOfManagedOutboundOpenInData?: boolean; + // Indicates whether managed-app data should be encrypted. (Android only) + encryptAppData?: boolean; /** - * Technologies for this policy. Possible values are: none, mdm, windows10XManagement, configManager, - * appleRemoteManagement, microsoftSense, exchangeOnline, mobileApplicationManagement, linuxMdm, enrollment, - * endpointPrivilegeManagement, unknownFutureValue. + * Android App packages in this list will be exempt from the policy and will be able to receive data from managed apps. + * (Android only) */ - technologies?: DeviceManagementConfigurationTechnologies; - // Template reference information - templateReference?: NullableOption; - // Policy assignments - assignments?: NullableOption; - // Policy settings - settings?: NullableOption; -} -export interface DeviceManagementConfigurationPolicyTemplate extends Entity { - // Allow unmanaged setting templates - allowUnmanagedSettings?: boolean; - // Template base identifier - baseId?: NullableOption; - // Template description - description?: NullableOption; - // Template display name - displayName?: NullableOption; - // Description of template version - displayVersion?: NullableOption; + exemptedAppPackages?: NullableOption; + // iOS Apps in this list will be exempt from the policy and will be able to receive data from managed apps. (iOS Only) + exemptedAppProtocols?: NullableOption; + // Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only) + faceIdBlocked?: boolean; /** - * Indicate current lifecycle state of template. Possible values are: invalid, draft, active, superseded, deprecated, - * retired. + * Defines if open-in operation is supported from the managed app to the filesharing locations selected. This setting only + * applies when AllowedOutboundDataTransferDestinations is set to ManagedApps and + * DisableProtectionOfManagedOutboundOpenInData is set to False. (iOS Only) */ - lifecycleState?: DeviceManagementTemplateLifecycleState; + filterOpenInToOnlyManagedApps?: boolean; + // Indicate to the client to enable both biometrics and fingerprints for the app. + fingerprintAndBiometricEnabled?: NullableOption; /** - * Platforms for this template. Possible values are: none, android, iOS, macOS, windows10X, windows10, linux, - * unknownFutureValue. + * When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this + * value defines the app name which are allowed to be used. */ - platforms?: DeviceManagementConfigurationPlatforms; - // Number of setting templates. Valid values 0 to 2147483647. This property is read-only. - settingTemplateCount?: number; + messagingRedirectAppDisplayName?: NullableOption; /** - * Technologies for this template. Possible values are: none, mdm, windows10XManagement, configManager, - * appleRemoteManagement, microsoftSense, exchangeOnline, mobileApplicationManagement, linuxMdm, enrollment, - * endpointPrivilegeManagement, unknownFutureValue. + * When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this + * value defines the app package ids which are allowed to be used. */ - technologies?: DeviceManagementConfigurationTechnologies; + messagingRedirectAppPackageId?: NullableOption; /** - * TemplateFamily for this template. Possible values are: none, endpointSecurityAntivirus, endpointSecurityDiskEncryption, - * endpointSecurityFirewall, endpointSecurityEndpointDetectionAndResponse, endpointSecurityAttackSurfaceReduction, - * endpointSecurityAccountProtection, endpointSecurityApplicationControl, endpointSecurityEndpointPrivilegeManagement, - * enrollmentConfiguration, appQuietTime, baseline, unknownFutureValue, deviceConfigurationScripts, - * deviceConfigurationPolicies. + * When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this + * value defines the app url redirect schemes which are allowed to be used. */ - templateFamily?: DeviceManagementConfigurationTemplateFamily; - // Template version. Valid values 1 to 2147483647. This property is read-only. - version?: number; - // Setting templates - settingTemplates?: NullableOption; -} -export interface DeviceManagementReusablePolicySetting extends Entity { - // reusable setting creation date and time. This property is read-only. - createdDateTime?: string; - // reusable setting description supplied by user. - description?: NullableOption; - // reusable setting display name supplied by user. - displayName?: string; - // date and time when reusable setting was last modified. This property is read-only. - lastModifiedDateTime?: string; + messagingRedirectAppUrlScheme?: NullableOption; + // Minimum version of the Company portal that must be installed on the device or app access will be blocked + minimumRequiredCompanyPortalVersion?: NullableOption; /** - * count of configuration policies referencing the current reusable setting. Valid values 0 to 2147483647. This property - * is read-only. + * Define the oldest required Android security patch level a user can have to gain secure access to the app. (Android + * only) */ - referencingConfigurationPolicyCount?: number; - // setting definition id associated with this reusable setting. - settingDefinitionId?: NullableOption; - // reusable setting configuration instance - settingInstance?: NullableOption; - // version number for reusable setting. Valid values 0 to 2147483647. This property is read-only. - version?: number; - // configuration policies referencing the current reusable setting. This property is read-only. - referencingConfigurationPolicies?: NullableOption; -} -export interface DeviceManagementTemplateInsightsDefinition extends Entity { - // Setting insights in a template - settingInsights?: NullableOption; -} -export interface DeviceManagementConfigurationSettingTemplate extends Entity { - // Setting Instance Template - settingInstanceTemplate?: DeviceManagementConfigurationSettingInstanceTemplate; - // List of related Setting Definitions - settingDefinitions?: NullableOption; -} -export interface ComplianceManagementPartner extends Entity { - // User groups which enroll Android devices through partner. - androidEnrollmentAssignments?: NullableOption; - // Partner onboarded for Android devices. - androidOnboarded?: boolean; - // Partner display name - displayName?: NullableOption; - // User groups which enroll ios devices through partner. - iosEnrollmentAssignments?: NullableOption; - // Partner onboarded for ios devices. - iosOnboarded?: boolean; - // Timestamp of last heartbeat after admin onboarded to the compliance management partner - lastHeartbeatDateTime?: string; - // User groups which enroll Mac devices through partner. - macOsEnrollmentAssignments?: NullableOption; - // Partner onboarded for Mac devices. - macOsOnboarded?: boolean; - // Partner state of this tenant. Possible values are: unknown, unavailable, enabled, terminated, rejected, unresponsive. - partnerState?: DeviceManagementPartnerTenantState; -} -export interface OnPremisesConditionalAccessSettings extends Entity { - // Indicates if on premises conditional access is enabled for this organization - enabled?: boolean; + minimumRequiredPatchVersion?: NullableOption; + // Versions less than the specified version will block the managed app from accessing company data. (iOS Only) + minimumRequiredSdkVersion?: NullableOption; + // Minimum version of the Company portal that must be installed on the device or the user will receive a warning + minimumWarningCompanyPortalVersion?: NullableOption; + // Define the oldest recommended Android security patch level a user can have for secure access to the app. (Android only) + minimumWarningPatchVersion?: NullableOption; /** - * User groups that will be exempt by on premises conditional access. All users in these groups will be exempt from the - * conditional access policy. + * Versions less than the specified version will result in warning message on the managed app from accessing company data. + * (iOS only) */ - excludedGroups?: string[]; + minimumWarningSdkVersion?: NullableOption; + // Minimum version of the Company portal that must be installed on the device or the company data on the app will be wiped + minimumWipeCompanyPortalVersion?: NullableOption; /** - * User groups that will be targeted by on premises conditional access. All users in these groups will be required to have - * mobile device managed and compliant for mail access. + * Android security patch level less than or equal to the specified value will wipe the managed app and the associated + * company data. (Android only) */ - includedGroups?: string[]; - // Override the default access rule when allowing a device to ensure access is granted. - overrideDefaultRule?: boolean; -} -export interface DeviceCategory extends Entity { - // Optional description for the device category. - description?: NullableOption; - // Display name for the device category. - displayName?: NullableOption; - // Optional role scope tags for the device category. - roleScopeTagIds?: NullableOption; -} -export interface DeviceManagementPartner extends Entity { - // Partner display name - displayName?: NullableOption; - // User groups that specifies whether enrollment is through partner. - groupsRequiringPartnerEnrollment?: NullableOption; - // Whether device management partner is configured or not - isConfigured?: boolean; - // Timestamp of last heartbeat after admin enabled option Connect to Device management Partner - lastHeartbeatDateTime?: string; - // Partner App type. Possible values are: unknown, singleTenantApp, multiTenantApp. - partnerAppType?: DeviceManagementPartnerAppType; - // Partner state of this tenant. Possible values are: unknown, unavailable, enabled, terminated, rejected, unresponsive. - partnerState?: DeviceManagementPartnerTenantState; - // Partner Single tenant App id - singleTenantAppId?: NullableOption; - // DateTime in UTC when PartnerDevices will be marked as NonCompliant - whenPartnerDevicesWillBeMarkedAsNonCompliantDateTime?: NullableOption; - // DateTime in UTC when PartnerDevices will be removed - whenPartnerDevicesWillBeRemovedDateTime?: NullableOption; -} -export interface DeviceManagementExchangeConnector extends Entity { - // The name of the server hosting the Exchange Connector. - connectorServerName?: NullableOption; - // An alias assigned to the Exchange server - exchangeAlias?: NullableOption; + minimumWipePatchVersion?: NullableOption; + // Versions less than the specified version will block the managed app from accessing company data. + minimumWipeSdkVersion?: NullableOption; /** - * The type of Exchange Connector Configured. Possible values are: onPremises, hosted, serviceToService, dedicated, - * unknownFutureValue. + * Protect incoming data from unknown source. This setting is only allowed to be True when + * AllowedInboundDataTransferSources is set to AllApps. (iOS Only) */ - exchangeConnectorType?: DeviceManagementExchangeConnectorType; - // Exchange Organization to the Exchange server - exchangeOrganization?: NullableOption; - // Last sync time for the Exchange Connector - lastSyncDateTime?: string; - // Email address used to configure the Service To Service Exchange Connector. - primarySmtpAddress?: NullableOption; - // The name of the Exchange server. - serverName?: NullableOption; - // Exchange Connector Status. Possible values are: none, connectionPending, connected, disconnected, unknownFutureValue. - status?: DeviceManagementExchangeConnectorStatus; - // The version of the ExchangeConnectorAgent - version?: NullableOption; -} -export interface DeviceManagementExchangeOnPremisesPolicy extends Entity { - // The list of device access rules in Exchange. The access rules apply globally to the entire Exchange organization - accessRules?: NullableOption; + protectInboundDataFromUnknownSources?: boolean; + // Require user to apply Class 3 Biometrics on their Android device. + requireClass3Biometrics?: boolean; /** - * Default access state in Exchange. This rule applies globally to the entire Exchange organization. Possible values are: - * none, allow, block, quarantine. + * Defines the Android SafetyNet Apps Verification requirement for a managed app to work. Possible values are: none, + * enabled. */ - defaultAccessLevel?: DeviceManagementExchangeAccessLevel; - // The list of device classes known to Exchange - knownDeviceClasses?: NullableOption; - // Notification text that will be sent to users quarantined by this policy. This is UTF8 encoded byte array HTML. - notificationContent?: NullableOption; + requiredAndroidSafetyNetAppsVerificationType?: AndroidManagedAppSafetyNetAppsVerificationType; /** - * The Exchange on premises conditional access settings. On premises conditional access will require devices to be both - * enrolled and compliant for mail access + * Defines the Android SafetyNet Device Attestation requirement for a managed app to work. Possible values are: none, + * basicIntegrity, basicIntegrityAndDeviceCertification. */ - conditionalAccessSettings?: NullableOption; -} -export interface MobileThreatDefenseConnector extends Entity { + requiredAndroidSafetyNetDeviceAttestationType?: AndroidManagedAppSafetyNetDeviceAttestationType; /** - * When TRUE, indicates the Mobile Threat Defense partner may collect metadata about installed applications from Intune - * for IOS devices. When FALSE, indicates the Mobile Threat Defense partner may not collect metadata about installed - * applications from Intune for IOS devices. Default value is FALSE. + * Defines the Android SafetyNet evaluation type requirement for a managed app to work. (Android Only). Possible values + * are: basic, hardwareBacked. */ - allowPartnerToCollectIOSApplicationMetadata?: boolean; + requiredAndroidSafetyNetEvaluationType?: AndroidManagedAppSafetyNetEvaluationType; + // A PIN prompt will override biometric prompts if class 3 biometrics are updated on the device. + requirePinAfterBiometricChange?: boolean; + // Indicates whether screen capture is blocked. (Android only) + screenCaptureBlocked?: boolean; + // Defines if third party keyboards are allowed while accessing a managed app. (iOS Only) + thirdPartyKeyboardsBlocked?: boolean; + // Maximum number of days Company Portal update can be deferred on the device or the user will receive the warning + warnAfterCompanyPortalUpdateDeferralInDays?: number; + // Maximum number of days Company Portal update can be deferred on the device or the company data on the app will be wiped + wipeAfterCompanyPortalUpdateDeferralInDays?: number; + // List of apps to which the policy is deployed. + apps?: NullableOption; + // Navigation property to deployment summary of the configuration. + deploymentSummary?: NullableOption; +} +export interface DefaultUserRoleOverride extends Entity { + isDefault?: NullableOption; + rolePermissions?: NullableOption; +} +export interface DelegatedAdminAccessAssignment extends Entity { + // The access container through which members are assigned access. For example, a security group. + accessContainer?: DelegatedAdminAccessContainer; /** - * When TRUE, indicates the Mobile Threat Defense partner may collect metadata about personally installed applications - * from Intune for IOS devices. When FALSE, indicates the Mobile Threat Defense partner may not collect metadata about - * personally installed applications from Intune for IOS devices. Default value is FALSE. + * The access details containing the identifiers of the administrative roles that the partner is assigned in the customer + * tenant. */ - allowPartnerToCollectIOSPersonalApplicationMetadata?: boolean; + accessDetails?: DelegatedAdminAccessDetails; + // The date and time in ISO 8601 format and in UTC time when the access assignment was created. Read-only. + createdDateTime?: NullableOption; + // The date and time in ISO 8601 and in UTC time when this access assignment was last modified. Read-only. + lastModifiedDateTime?: NullableOption; /** - * For Android, set whether Intune must receive data from the Mobile Threat Defense partner prior to marking a device - * compliant + * The status of the access assignment. Read-only. The possible values are: pending, active, deleting, deleted, error, + * unknownFutureValue. */ - androidDeviceBlockedOnMissingPartnerData?: boolean; - // For Android, set whether data from the Mobile Threat Defense partner should be used during compliance evaluations - androidEnabled?: boolean; + status?: NullableOption; +} +export interface DelegatedAdminCustomer extends Entity { + // The Microsoft Entra ID display name of the customer tenant. Read-only. Supports $orderby. + displayName?: NullableOption; + // The Microsoft Entra ID-assigned tenant ID of the customer. Read-only. + tenantId?: string; + // Contains the management details of a service in the customer tenant that's managed by delegated administration. + serviceManagementDetails?: NullableOption; +} +export interface DelegatedAdminRelationship extends Entity { /** - * When TRUE, inidicates that data from the Mobile Threat Defense partner can be used during Mobile Application Management - * (MAM) evaluations for Android devices. When FALSE, inidicates that data from the Mobile Threat Defense partner should - * not be used during Mobile Application Management (MAM) evaluations for Android devices. Only one partner per platform - * may be enabled for Mobile Application Management (MAM) evaluation. Default value is FALSE. + * The access details that contain the identifiers of the administrative roles that the partner admin is requesting in the + * customer tenant. */ - androidMobileApplicationManagementEnabled?: boolean; + accessDetails?: DelegatedAdminAccessDetails; + // The date and time in ISO 8601 format and in UTC time when the relationship became active. Read-only. + activatedDateTime?: NullableOption; /** - * For IOS, set whether Intune must receive data from the Mobile Threat Defense partner prior to marking a device - * compliant + * The duration by which the validity of the relationship is automatically extended, denoted in ISO 8601 format. Supported + * values are: P0D, PT0S, P180D. The default value is PT0S. PT0S indicates that the relationship expires when the + * endDateTime is reached and it isn't automatically extended. */ - iosDeviceBlockedOnMissingPartnerData?: boolean; - // For IOS, get or set whether data from the Mobile Threat Defense partner should be used during compliance evaluations - iosEnabled?: boolean; + autoExtendDuration?: NullableOption; + // The date and time in ISO 8601 format and in UTC time when the relationship was created. Read-only. + createdDateTime?: NullableOption; /** - * When TRUE, inidicates that data from the Mobile Threat Defense partner can be used during Mobile Application Management - * (MAM) evaluations for IOS devices. When FALSE, inidicates that data from the Mobile Threat Defense partner should not - * be used during Mobile Application Management (MAM) evaluations for IOS devices. Only one partner per platform may be - * enabled for Mobile Application Management (MAM) evaluation. Default value is FALSE. + * The display name and unique identifier of the customer of the relationship. This is configured either by the partner at + * the time the relationship is created or by the system after the customer approves the relationship. Can't be changed by + * the customer. */ - iosMobileApplicationManagementEnabled?: boolean; - // DateTime of last Heartbeat recieved from the Mobile Threat Defense partner - lastHeartbeatDateTime?: string; + customer?: NullableOption; /** - * For Mac, get or set whether Intune must receive data from the Mobile Threat Defense partner prior to marking a device - * compliant + * The display name of the relationship used for ease of identification. Must be unique across all delegated admin + * relationships of the partner. This is set by the partner only when the relationship is in the created status and can't + * be changed by the customer. Maximum length is 50 characters. */ - macDeviceBlockedOnMissingPartnerData?: boolean; - // For Mac, get or set whether data from the Mobile Threat Defense partner should be used during compliance evaluations - macEnabled?: boolean; + displayName?: string; /** - * When TRUE, inidicates that configuration profile management via Microsoft Defender for Endpoint is enabled. When FALSE, - * inidicates that configuration profile management via Microsoft Defender for Endpoint is disabled. Default value is - * FALSE. + * The duration of the relationship in ISO 8601 format. Must be a value between P1D and P2Y inclusive. This is set by the + * partner only when the relationship is in the created status and can't be changed by the customer. */ - microsoftDefenderForEndpointAttachEnabled?: boolean; + duration?: string; /** - * Mobile Threat Defense partner state for this account. Possible values are: unavailable, available, enabled, - * unresponsive, notSetUp, error, unknownFutureValue. + * The date and time in ISO 8601 format and in UTC time when the status of relationship changes to either terminated or + * expired. Calculated as endDateTime = activatedDateTime + duration. Read-only. */ - partnerState?: MobileThreatPartnerTenantState; - // Get or Set days the per tenant tolerance to unresponsiveness for this partner integration - partnerUnresponsivenessThresholdInDays?: number; + endDateTime?: NullableOption; + // The date and time in ISO 8601 format and in UTC time when the relationship was last modified. Read-only. + lastModifiedDateTime?: NullableOption; /** - * Get or set whether to block devices on the enabled platforms that do not meet the minimum version requirements of the - * Mobile Threat Defense partner + * The status of the relationship. Read Only. The possible values are: activating, active, approvalPending, approved, + * created, expired, expiring, terminated, terminating, terminationRequested, unknownFutureValue. Supports $orderby. */ - partnerUnsupportedOsVersionBlocked?: boolean; + status?: NullableOption; + // The access assignments associated with the delegated admin relationship. + accessAssignments?: NullableOption; + // The long running operations associated with the delegated admin relationship. + operations?: NullableOption; + // The requests associated with the delegated admin relationship. + requests?: NullableOption; +} +export interface DelegatedAdminRelationshipOperation extends Entity { + // The time in ISO 8601 format and in UTC time when the long-running operation was created. Read-only. + createdDateTime?: string; + // The data (payload) for the operation. Read-only. + data?: string; + // The time in ISO 8601 format and in UTC time when the long-running operation was last modified. Read-only. + lastModifiedDateTime?: string; /** - * When TRUE, inidicates that Intune must receive data from the Mobile Threat Defense partner prior to marking a device - * compliant for Windows. When FALSE, inidicates that Intune may make a device compliant without receiving data from the - * Mobile Threat Defense partner for Windows. Default value is FALSE. + * The type of long-running operation. The possible values are: delegatedAdminAccessAssignmentUpdate, unknownFutureValue. + * Read-only. */ - windowsDeviceBlockedOnMissingPartnerData?: boolean; + operationType?: DelegatedAdminRelationshipOperationType; /** - * When TRUE, inidicates that data from the Mobile Threat Defense partner can be used during compliance evaluations for - * Windows. When FALSE, inidicates that data from the Mobile Threat Defense partner should not be used during compliance - * evaluations for Windows. Default value is FALSE. + * The status of the operation. Read-only. The possible values are: notStarted, running, succeeded, failed, skipped, + * unknownFutureValue. Read-only. Supports $orderby. */ - windowsEnabled?: boolean; + status?: LongRunningOperationStatus; +} +export interface DelegatedAdminRelationshipRequest extends Entity { /** - * When TRUE, app protection policies using the Device Threat Level rule will evaluate devices including data from this - * connector for Windows. When FALSE, Intune will not use device risk details sent over this connector during app - * protection policies calculation for policies with a Device Threat Level configured. Existing devices that are not - * compliant due to risk levels obtained from this connector will also become compliant. + * The action to be performed on the delegated admin relationship. The possible values are: lockForApproval, approve, + * terminate, unknownFutureValue, reject. Note that you must use the Prefer: include-unknown-enum-members request header + * to get the following value(s) in this evolvable enum: reject. For a partner to finalize a relationship in the created + * status, set the action to lockForApproval. For a partner to terminate a relationship in the active status, set the + * action to terminate. For an indirect reseller to approve a relationship created by an indirect provider in the + * approvalPending status, set the action to approve. For an indirect reseller to reject a relationship created by an + * indirect provider in the approvalPending status, set the action to reject. */ - windowsMobileApplicationManagementEnabled?: boolean; + action?: DelegatedAdminRelationshipRequestAction; + // The date and time in ISO 8601 format and in UTC time when the relationship request was created. Read-only. + createdDateTime?: NullableOption; + // The date and time in ISO 8601 format and UTC time when this relationship request was last modified. Read-only. + lastModifiedDateTime?: NullableOption; + // The status of the request. Read-only. The possible values are: created, pending, succeeded, failed, unknownFutureValue. + status?: NullableOption; } -export interface DeviceManagementSettingCategory extends Entity { - // The category name - displayName?: NullableOption; - // The category contains top level required setting - hasRequiredSetting?: NullableOption; - // The setting definitions this category contains - settingDefinitions?: NullableOption; +export interface DelegatedAdminServiceManagementDetail extends Entity { + // The URL of the management portal for the managed service. Read-only. + serviceManagementUrl?: string; + // The name of a managed service. Read-only. + serviceName?: string; } -export interface DeviceManagementIntent extends Entity { - // The user given description - description?: NullableOption; - // The user given display name - displayName?: string; - // Signifies whether or not the intent is assigned to users - isAssigned?: boolean; - // Signifies whether or not the intent is being migrated to the configurationPolicies endpoint - isMigratingToConfigurationPolicy?: NullableOption; - // When the intent was last modified - lastModifiedDateTime?: string; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // The ID of the template this intent was created from (if any) - templateId?: NullableOption; - // Collection of assignments - assignments?: NullableOption; - // Collection of setting categories within the intent - categories?: NullableOption; - /** - * Collection of settings and their states and counts of devices that belong to corresponding state for all settings - * within the intent - */ - deviceSettingStateSummaries?: NullableOption; - // Collection of states of all devices that the intent is applied to - deviceStates?: NullableOption; +export interface DelegatedPermissionClassification extends Entity { + // The classification value. Possible values: low, medium (preview), high (preview). Doesn't support $filter. + classification?: NullableOption; /** - * A summary of device states and counts of devices that belong to corresponding state for all devices that the intent is - * applied to + * The unique identifier (id) for the delegated permission listed in the publishedPermissionScopes collection of the + * servicePrincipal. Required on create. Doesn't support $filter. */ - deviceStateSummary?: NullableOption; - // Collection of all settings to be applied - settings?: NullableOption; - // Collection of states of all users that the intent is applied to - userStates?: NullableOption; + permissionId?: NullableOption; /** - * A summary of user states and counts of users that belong to corresponding state for all users that the intent is - * applied to + * The claim value (value) for the delegated permission listed in the publishedPermissionScopes collection of the + * servicePrincipal. Doesn't support $filter. */ - userStateSummary?: NullableOption; + permissionName?: NullableOption; } -export interface DeviceManagementSettingDefinition extends Entity { - // Collection of constraints for the setting value - constraints?: NullableOption; - // Collection of dependencies on other settings - dependencies?: NullableOption; - // The setting's description - description?: NullableOption; - // The setting's display name - displayName?: string; - // Url to setting documentation - documentationUrl?: NullableOption; - // subtitle of the setting header for more details about the category/section - headerSubtitle?: NullableOption; - // title of the setting header represents a category/section of a setting/settings - headerTitle?: NullableOption; - // If the setting is top level, it can be configured without the need to be wrapped in a collection or complex setting - isTopLevel?: boolean; - // Keywords associated with the setting - keywords?: NullableOption; - // Placeholder text as an example of valid input - placeholderText?: NullableOption; - // The data type of the value. Possible values are: integer, boolean, string, complex, collection, abstractComplex. - valueType?: DeviceManangementIntentValueType; +// tslint:disable-next-line: no-empty-interface +export interface DeletedChat extends Entity {} +export interface DeletedItemContainer extends Entity { + // Deleted workflows that end up in the deletedItemsContainer. + workflows?: NullableOption; } -export interface DeviceManagementTemplate extends Entity { - // The template's description - description?: NullableOption; - // The template's display name - displayName?: string; - // Number of Intents created from this template. - intentCount?: number; - // The template is deprecated or not. Intents cannot be created from a deprecated template. - isDeprecated?: boolean; +export interface DeletedTeam extends Entity { + // The channels those are either shared with this deleted team or created in this deleted team. + channels?: NullableOption; +} +export interface DeltaParticipants extends Entity { + // The sequence number for the roster update that is used to identify the notification order. + sequenceNumber?: NullableOption; + // The collection of participants that were updated since the last roster update. + participants?: NullableOption; +} +export interface DepEnrollmentBaseProfile extends EnrollmentProfile { + // Indicates if Apple id setup pane is disabled + appleIdDisabled?: boolean; + // Indicates if Apple pay setup pane is disabled + applePayDisabled?: boolean; + // URL for setup assistant login + configurationWebUrl?: boolean; + // Sets a literal or name pattern. + deviceNameTemplate?: NullableOption; + // Indicates if diagnostics setup pane is disabled + diagnosticsDisabled?: boolean; + // Indicates if displaytone setup screen is disabled + displayToneSetupDisabled?: boolean; + // enabledSkipKeys contains all the enabled skip keys as strings + enabledSkipKeys?: NullableOption; + // EnrollmentTimeAzureAdGroupIds contains list of enrollment time Azure Group Ids to be associated with profile + enrollmentTimeAzureAdGroupIds?: string[]; + // Indicates if this is the default profile + isDefault?: boolean; + // Indicates if the profile is mandatory + isMandatory?: boolean; + // Indicates if Location service setup pane is disabled + locationDisabled?: boolean; + // Indicates if privacy screen is disabled + privacyPaneDisabled?: boolean; + // Indicates if the profile removal option is disabled + profileRemovalDisabled?: boolean; + // Indicates if Restore setup pane is blocked + restoreBlocked?: boolean; + // Indicates if screen timeout setup is disabled + screenTimeScreenDisabled?: boolean; + // Indicates if siri setup pane is disabled + siriDisabled?: boolean; /** - * The template's platform. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, windows81AndLater, - * windows10AndLater, androidWorkProfile, windows10XProfile, all. + * Supervised mode, True to enable, false otherwise. See + * https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information. */ - platformType?: PolicyPlatformType; - // When the template was published - publishedDateTime?: string; + supervisedModeEnabled?: boolean; + // Support department information + supportDepartment?: NullableOption; + // Support phone number + supportPhoneNumber?: NullableOption; + // Indicates if 'Terms and Conditions' setup pane is disabled + termsAndConditionsDisabled?: boolean; + // Indicates if touch id setup pane is disabled + touchIdDisabled?: boolean; + // Indicates if the device will need to wait for configured confirmation + waitForDeviceConfiguredConfirmation?: boolean; +} +export interface DepEnrollmentProfile extends EnrollmentProfile { + // Indicates if Apple id setup pane is disabled + appleIdDisabled?: boolean; + // Indicates if Apple pay setup pane is disabled + applePayDisabled?: boolean; + // Indicates if the device will need to wait for configured confirmation + awaitDeviceConfiguredConfirmation?: boolean; + // Indicates if diagnostics setup pane is disabled + diagnosticsDisabled?: boolean; /** - * The template's subtype. Possible values are: none, firewall, diskEncryption, attackSurfaceReduction, - * endpointDetectionReponse, accountProtection, antivirus, firewallSharedAppList, firewallSharedIpList, - * firewallSharedPortlist. + * This indicates whether the device is to be enrolled in a mode which enables multi user scenarios. Only applicable in + * shared iPads. */ - templateSubtype?: DeviceManagementTemplateSubtype; + enableSharedIPad?: boolean; + // Indicates if this is the default profile + isDefault?: boolean; + // Indicates if the profile is mandatory + isMandatory?: boolean; + // Indicates the iTunes pairing mode. Possible values are: disallow, allow, requiresCertificate. + iTunesPairingMode?: ITunesPairingMode; + // Indicates if Location service setup pane is disabled + locationDisabled?: boolean; + // Indicates if Mac OS file vault is disabled + macOSFileVaultDisabled?: boolean; + // Indicates if Mac OS registration is disabled + macOSRegistrationDisabled?: boolean; + // Management certificates for Apple Configurator + managementCertificates?: NullableOption; + // Indicates if Passcode setup pane is disabled + passCodeDisabled?: boolean; + // Indicates if the profile removal option is disabled + profileRemovalDisabled?: boolean; + // Indicates if Restore setup pane is blocked + restoreBlocked?: boolean; + // Indicates if Restore from Android is disabled + restoreFromAndroidDisabled?: boolean; + // This specifies the maximum number of users that can use a shared iPad. Only applicable in shared iPad mode. + sharedIPadMaximumUserCount?: number; + // Indicates if siri setup pane is disabled + siriDisabled?: boolean; /** - * The template's type. Possible values are: securityBaseline, specializedDevices, - * advancedThreatProtectionSecurityBaseline, deviceConfiguration, custom, securityTemplate, microsoftEdgeSecurityBaseline, - * microsoftOffice365ProPlusSecurityBaseline, deviceCompliance, deviceConfigurationForOffice365, cloudPC, - * firewallSharedSettings. + * Supervised mode, True to enable, false otherwise. See + * https://learn.microsoft.com/intune/deploy-use/enroll-devices-in-microsoft-intune for additional information. */ - templateType?: DeviceManagementTemplateType; - // The template's version information - versionInfo?: NullableOption; - // Collection of setting categories within the template - categories?: NullableOption; - // Collection of templates this template can migrate to - migratableTo?: NullableOption; - // Collection of all settings this template has - settings?: NullableOption; -} -export interface ApplePushNotificationCertificate extends Entity { - // Apple Id of the account used to create the MDM push certificate. - appleIdentifier?: NullableOption; - // Not yet documented - certificate?: NullableOption; - // Certificate serial number. This property is read-only. - certificateSerialNumber?: NullableOption; - // The reason the certificate upload failed. - certificateUploadFailureReason?: NullableOption; - // The certificate upload status. - certificateUploadStatus?: NullableOption; - // The expiration date and time for Apple push notification certificate. - expirationDateTime?: string; - // Last modified date and time for Apple push notification certificate. - lastModifiedDateTime?: string; - // Topic Id. - topicIdentifier?: NullableOption; -} -export interface CloudPCConnectivityIssue extends Entity { - // The Intune DeviceId of the device the connection is associated with. - deviceId?: NullableOption; - // The error code of the connectivity issue. - errorCode?: NullableOption; - // The time that the connection initiated. The time is shown in ISO 8601 format and Coordinated Universal Time (UTC) time. - errorDateTime?: string; - // The detailed description of what went wrong. - errorDescription?: NullableOption; - // The recommended action to fix the corresponding error. - recommendedAction?: NullableOption; - // The unique id of user who initialize the connection. - userId?: NullableOption; + supervisedModeEnabled?: boolean; + // Support department information + supportDepartment?: NullableOption; + // Support phone number + supportPhoneNumber?: NullableOption; + // Indicates if 'Terms and Conditions' setup pane is disabled + termsAndConditionsDisabled?: boolean; + // Indicates if touch id setup pane is disabled + touchIdDisabled?: boolean; + // Indicates if zoom setup pane is disabled + zoomDisabled?: boolean; } -export interface ComanagementEligibleDevice extends Entity { - /** - * ClientRegistrationStatus. Possible values are: notRegistered, registered, revoked, keyConflict, approvalPending, - * certificateReset, notRegisteredPendingEnrollment, unknown. - */ - clientRegistrationStatus?: DeviceRegistrationState; - // DeviceName - deviceName?: NullableOption; +export interface DepIOSEnrollmentProfile extends DepEnrollmentBaseProfile { + // Indicates if Apperance screen is disabled + appearanceScreenDisabled?: boolean; + // Indicates if the device will need to wait for configured confirmation + awaitDeviceConfiguredConfirmation?: boolean; + // Carrier URL for activating device eSIM. + carrierActivationUrl?: NullableOption; /** - * DeviceType. Possible values are: desktop, windowsRT, winMO6, nokia, windowsPhone, mac, winCE, winEmbedded, iPhone, - * iPad, iPod, android, iSocConsumer, unix, macMDM, holoLens, surfaceHub, androidForWork, androidEnterprise, windows10x, - * androidnGMS, chromeOS, linux, blackberry, palm, unknown, cloudPC. + * If set, indicates which Vpp token should be used to deploy the Company Portal w/ device licensing. + * 'enableAuthenticationViaCompanyPortal' must be set in order for this property to be set. */ - deviceType?: DeviceType; - // EntitySource - entitySource?: number; + companyPortalVppTokenId?: NullableOption; + // Indicates if Device To Device Migration is disabled + deviceToDeviceMigrationDisabled?: boolean; /** - * ManagementAgents. Possible values are: eas, mdm, easMdm, intuneClient, easIntuneClient, configurationManagerClient, - * configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, jamf, googleCloudDevicePolicyController, - * microsoft365ManagedMdm, msSense, intuneAosp. + * This indicates whether the device is to be enrolled in a mode which enables multi user scenarios. Only applicable in + * shared iPads. */ - managementAgents?: ManagementAgentType; + enableSharedIPad?: boolean; /** - * ManagementState. Possible values are: managed, retirePending, retireFailed, wipePending, wipeFailed, unhealthy, - * deletePending, retireIssued, wipeIssued, wipeCanceled, retireCanceled, discovered. + * Tells the device to enable single app mode and apply app-lock during enrollment. Default is false. + * 'enableAuthenticationViaCompanyPortal' and 'companyPortalVppTokenId' must be set for this property to be set. */ - managementState?: ManagementState; - // Manufacturer - manufacturer?: NullableOption; - // MDMStatus - mdmStatus?: NullableOption; - // Model - model?: NullableOption; - // OSDescription - osDescription?: NullableOption; - // OSVersion - osVersion?: NullableOption; - // OwnerType. Possible values are: unknown, company, personal. - ownerType?: OwnerType; - // ReferenceId - referenceId?: NullableOption; - // SerialNumber - serialNumber?: NullableOption; + enableSingleAppEnrollmentMode?: boolean; + // Indicates if Express Language screen is disabled + expressLanguageScreenDisabled?: boolean; + // Indicates if temporary sessions is enabled + forceTemporarySession?: boolean; + // Indicates if home button sensitivity screen is disabled + homeButtonScreenDisabled?: boolean; + // Indicates if iMessage and FaceTime screen is disabled + iMessageAndFaceTimeScreenDisabled?: boolean; + // Indicates the iTunes pairing mode. Possible values are: disallow, allow, requiresCertificate. + iTunesPairingMode?: ITunesPairingMode; + // Management certificates for Apple Configurator + managementCertificates?: NullableOption; + // Indicates if onboarding setup screen is disabled + onBoardingScreenDisabled?: boolean; + // Indicates if Passcode setup pane is disabled + passCodeDisabled?: boolean; + // Indicates timeout before locked screen requires the user to enter the device passocde to unlock it + passcodeLockGracePeriodInSeconds?: NullableOption; + // Indicates if Preferred language screen is disabled + preferredLanguageScreenDisabled?: boolean; + // Indicates if Weclome screen is disabled + restoreCompletedScreenDisabled?: boolean; + // Indicates if Restore from Android is disabled + restoreFromAndroidDisabled?: boolean; + // This specifies the maximum number of users that can use a shared iPad. Only applicable in shared iPad mode. + sharedIPadMaximumUserCount?: number; + // Indicates if the SIMSetup screen is disabled + simSetupScreenDisabled?: boolean; + // Indicates if the mandatory sofware update screen is disabled + softwareUpdateScreenDisabled?: boolean; + // Indicates timeout of temporary session + temporarySessionTimeoutInSeconds?: number; + // Indicates if Weclome screen is disabled + updateCompleteScreenDisabled?: boolean; /** - * ComanagementEligibleStatus. Possible values are: comanaged, eligible, eligibleButNotAzureAdJoined, needsOsUpdate, - * ineligible, scheduledForEnrollment, unknownFutureValue. + * Indicates that this apple device is designated to support 'shared device mode' scenarios. This is distinct from the + * 'shared iPad' scenario. See https://learn.microsoft.com/mem/intune/enrollment/device-enrollment-shared-ios */ - status?: ComanagementEligibleType; - // UPN - upn?: NullableOption; - // UserEmail - userEmail?: NullableOption; - // UserId - userId?: NullableOption; - // UserName - userName?: NullableOption; + userlessSharedAadModeEnabled?: boolean; + // Indicates timeout of temporary session + userSessionTimeoutInSeconds?: number; + // Indicates if the watch migration screen is disabled + watchMigrationScreenDisabled?: boolean; + // Indicates if Weclome screen is disabled + welcomeScreenDisabled?: boolean; + // Indicates if zoom setup pane is disabled + zoomDisabled?: boolean; } -export interface DataSharingConsent extends Entity { - // The time consent was granted for this account - grantDateTime?: string; - // The granted state for the data sharing consent - granted?: boolean; - // The Upn of the user that granted consent for this account - grantedByUpn?: NullableOption; - // The UserId of the user that granted consent for this account - grantedByUserId?: NullableOption; - // The display name of the service work flow - serviceDisplayName?: NullableOption; - // The TermsUrl for the data sharing consent - termsUrl?: NullableOption; +export interface DepMacOSEnrollmentProfile extends DepEnrollmentBaseProfile { + // Indicates if Accessibility screen is disabled + accessibilityScreenDisabled?: boolean; + // Indicates what the full name for the admin account is + adminAccountFullName?: NullableOption; + // Indicates what the password for the admin account is + adminAccountPassword?: NullableOption; + // Indicates what the user name for the admin account is + adminAccountUserName?: NullableOption; + // Indicates if Setup Assistant will automatically advance through its screen + autoAdvanceSetupEnabled?: boolean; + // Indicates if UnlockWithWatch screen is disabled + autoUnlockWithWatchDisabled?: boolean; + // Indicates if iCloud Documents and Desktop screen is disabled + chooseYourLockScreenDisabled?: boolean; + // Indicates whether Setup Assistant will auto populate the primary account information + dontAutoPopulatePrimaryAccountInfo?: boolean; + // Indicates whether the user will enable blockediting + enableRestrictEditing?: boolean; + // Indicates if file vault is disabled + fileVaultDisabled?: boolean; + // Indicates whether the admin account should be hidded or not + hideAdminAccount?: boolean; + // Indicates if iCloud Analytics screen is disabled + iCloudDiagnosticsDisabled?: boolean; + // Indicates if iCloud Documents and Desktop screen is disabled + iCloudStorageDisabled?: boolean; + // Indicates if Passcode setup pane is disabled + passCodeDisabled?: boolean; + // Indicates what the full name for the primary account is + primaryAccountFullName?: NullableOption; + // Indicates what the account name for the primary account is + primaryAccountUserName?: NullableOption; + // Indicates if registration is disabled + registrationDisabled?: boolean; + // Indicates if the device is network-tethered to run the command + requestRequiresNetworkTether?: boolean; + // Indicates whether Setup Assistant will set the account as a regular user + setPrimarySetupAccountAsRegularUser?: boolean; + // Indicates whether Setup Assistant will skip the user interface for primary account setup + skipPrimarySetupAccountCreation?: boolean; + // Indicates if zoom setup pane is disabled + zoomDisabled?: boolean; +} +export interface DepOnboardingSetting extends Entity { + // The Apple ID used to obtain the current token. + appleIdentifier?: NullableOption; + // Consent granted for data sharing with Apple Dep Service + dataSharingConsentGranted?: boolean; + // When the service was onboarded. + lastModifiedDateTime?: string; + // When the service last syned with Intune + lastSuccessfulSyncDateTime?: string; + // Error code reported by Apple during last dep sync. + lastSyncErrorCode?: number; + // When Intune last requested a sync. + lastSyncTriggeredDateTime?: string; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; + // Whether or not the Dep token sharing is enabled with the School Data Sync service. + shareTokenWithSchoolDataSyncService?: boolean; + // Gets synced device count + syncedDeviceCount?: number; + // When the token will expire. + tokenExpirationDateTime?: string; + // Friendly Name for Dep Token + tokenName?: NullableOption; + // Gets or sets the Dep Token Type. Possible values are: none, dep, appleSchoolManager. + tokenType?: DepTokenType; + // Default iOS Enrollment Profile + defaultIosEnrollmentProfile?: NullableOption; + // Default MacOs Enrollment Profile + defaultMacOsEnrollmentProfile?: NullableOption; + // The enrollment profiles. + enrollmentProfiles?: NullableOption; + // The imported Apple device identities. + importedAppleDeviceIdentities?: NullableOption; } export interface DetectedApp extends Entity { // The number of devices that have installed this application @@ -14442,3294 +15057,4637 @@ export interface DetectedApp extends Entity { // The devices that have the discovered application installed managedDevices?: NullableOption; } -export interface DeviceComplianceScript extends Entity { - // The timestamp of when the device compliance script was created. This property is read-only. - createdDateTime?: string; - // Description of the device compliance script - description?: NullableOption; - // The entire content of the detection powershell script - detectionScriptContent?: NullableOption; - // Name of the device compliance script - displayName?: NullableOption; - // Indicate whether the script signature needs be checked - enforceSignatureCheck?: boolean; - // The timestamp of when the device compliance script was modified. This property is read-only. - lastModifiedDateTime?: string; - // Name of the device compliance script publisher - publisher?: NullableOption; - // List of Scope Tag IDs for the device compliance script - roleScopeTagIds?: NullableOption; - // Indicate whether PowerShell script(s) should run as 32-bit - runAs32Bit?: boolean; - // Indicates the type of execution context. Possible values are: system, user. - runAsAccount?: RunAsAccountType; - // Version of the device compliance script - version?: NullableOption; - // The list of group assignments for the device compliance script - assignments?: NullableOption; - // List of run states for the device compliance script across all devices - deviceRunStates?: NullableOption; - // High level run summary for device compliance script. - runSummary?: NullableOption; -} -export interface DeviceCustomAttributeShellScript extends Entity { - // The date and time the device management script was created. This property is read-only. - createdDateTime?: string; - // The name of the custom attribute. - customAttributeName?: NullableOption; - // The expected type of the custom attribute's value. Possible values are: integer, string, dateTime. - customAttributeType?: DeviceCustomAttributeValueType; - // Optional description for the device management script. - description?: NullableOption; - // Name of the device management script. - displayName?: NullableOption; - // Script file name. - fileName?: NullableOption; - // The date and time the device management script was last modified. This property is read-only. - lastModifiedDateTime?: string; - // List of Scope Tag IDs for this PowerShellScript instance. - roleScopeTagIds?: NullableOption; - // Indicates the type of execution context. Possible values are: system, user. - runAsAccount?: RunAsAccountType; - // The script content. - scriptContent?: NullableOption; - // The list of group assignments for the device management script. - assignments?: NullableOption; - // List of run states for this script across all devices. - deviceRunStates?: NullableOption; - // The list of group assignments for the device management script. - groupAssignments?: NullableOption; - // Run summary for device management script. - runSummary?: NullableOption; - // List of run states for this script across all users. - userRunStates?: NullableOption; -} -export interface DeviceHealthScript extends Entity { - // The timestamp of when the device health script was created. This property is read-only. - createdDateTime?: string; - // Description of the device health script - description?: NullableOption; - // The entire content of the detection powershell script - detectionScriptContent?: NullableOption; - // List of ComplexType DetectionScriptParameters objects. - detectionScriptParameters?: NullableOption; - // DeviceHealthScriptType for the script policy. Possible values are: deviceHealthScript, managedInstallerScript. - deviceHealthScriptType?: DeviceHealthScriptType; - // Name of the device health script - displayName?: NullableOption; - // Indicate whether the script signature needs be checked - enforceSignatureCheck?: boolean; - // Highest available version for a Microsoft Proprietary script - highestAvailableVersion?: NullableOption; - // Determines if this is Microsoft Proprietary Script. Proprietary scripts are read-only - isGlobalScript?: boolean; - // The timestamp of when the device health script was modified. This property is read-only. - lastModifiedDateTime?: string; - // Name of the device health script publisher - publisher?: NullableOption; - // The entire content of the remediation powershell script - remediationScriptContent?: NullableOption; - // List of ComplexType RemediationScriptParameters objects. - remediationScriptParameters?: NullableOption; - // List of Scope Tag IDs for the device health script - roleScopeTagIds?: NullableOption; - // Indicate whether PowerShell script(s) should run as 32-bit - runAs32Bit?: boolean; - // Indicates the type of execution context. Possible values are: system, user. - runAsAccount?: RunAsAccountType; - // Version of the device health script - version?: NullableOption; - // The list of group assignments for the device health script - assignments?: NullableOption; - // List of run states for the device health script across all devices - deviceRunStates?: NullableOption; - // High level run summary for device health script. - runSummary?: NullableOption; -} -export interface DeviceManagementScript extends Entity { - // The date and time the device management script was created. This property is read-only. - createdDateTime?: string; - // Optional description for the device management script. - description?: NullableOption; - // Name of the device management script. - displayName?: NullableOption; - // Indicate whether the script signature needs be checked. - enforceSignatureCheck?: boolean; - // Script file name. - fileName?: NullableOption; - // The date and time the device management script was last modified. This property is read-only. - lastModifiedDateTime?: string; - // List of Scope Tag IDs for this PowerShellScript instance. - roleScopeTagIds?: NullableOption; - // A value indicating whether the PowerShell script should run as 32-bit - runAs32Bit?: boolean; - // Indicates the type of execution context. Possible values are: system, user. - runAsAccount?: RunAsAccountType; - // The script content. - scriptContent?: NullableOption; - // The list of group assignments for the device management script. - assignments?: NullableOption; - // List of run states for this script across all devices. - deviceRunStates?: NullableOption; - // The list of group assignments for the device management script. - groupAssignments?: NullableOption; - // Run summary for device management script. - runSummary?: NullableOption; - // List of run states for this script across all users. - userRunStates?: NullableOption; -} -export interface DeviceShellScript extends Entity { - // Does not notify the user a script is being executed - blockExecutionNotifications?: boolean; - // The date and time the device management script was created. This property is read-only. - createdDateTime?: string; - // Optional description for the device management script. - description?: NullableOption; - // Name of the device management script. - displayName?: NullableOption; - // The interval for script to run. If not defined the script will run once - executionFrequency?: string; - // Script file name. - fileName?: NullableOption; - // The date and time the device management script was last modified. This property is read-only. - lastModifiedDateTime?: string; - // Number of times for the script to be retried if it fails - retryCount?: number; - // List of Scope Tag IDs for this PowerShellScript instance. - roleScopeTagIds?: NullableOption; - // Indicates the type of execution context. Possible values are: system, user. - runAsAccount?: RunAsAccountType; - // The script content. - scriptContent?: NullableOption; - // The list of group assignments for the device management script. - assignments?: NullableOption; - // List of run states for this script across all devices. - deviceRunStates?: NullableOption; - // The list of group assignments for the device management script. - groupAssignments?: NullableOption; - // Run summary for device management script. - runSummary?: NullableOption; - // List of run states for this script across all users. - userRunStates?: NullableOption; -} -export interface ManagedDeviceOverview extends Entity { - // Distribution of Exchange Access State in Intune - deviceExchangeAccessStateSummary?: NullableOption; - // Device operating system summary. - deviceOperatingSystemSummary?: NullableOption; - // The number of devices enrolled in both MDM and EAS - dualEnrolledDeviceCount?: number; - // Total enrolled device count. Does not include PC devices managed via Intune PC Agent - enrolledDeviceCount?: number; - // Last modified date time of device overview - lastModifiedDateTime?: string; - // Models and Manufactures meatadata for managed devices in the account - managedDeviceModelsAndManufacturers?: NullableOption; - // The number of devices enrolled in MDM - mdmEnrolledCount?: number; -} -export interface PrivilegeManagementElevation extends Entity { +export interface Device extends DirectoryObject { + /** + * true if the account is enabled; otherwise, false. Default is true. Supports $filter (eq, ne, not, in). Only callers in + * Global Administrator and Cloud Device Administrator roles can set this property. + */ + accountEnabled?: NullableOption; + // For internal use only. Not nullable. Supports $filter (eq, not, ge, le). + alternativeSecurityIds?: AlternativeSecurityId[]; + /** + * The timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, + * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. Supports $filter (eq, ne, not, ge, le, and eq on null + * values) and $orderby. + */ + approximateLastSignInDateTime?: NullableOption; + /** + * The timestamp when the device is no longer deemed compliant. The timestamp type represents date and time information + * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. + * Read-only. + */ + complianceExpirationDateTime?: NullableOption; + // User-defined property set by Intune to automatically add devices to groups and simplify managing devices. + deviceCategory?: NullableOption; + /** + * Unique Identifier set by Azure Device Registration Service at the time of registration. This is an alternate key that + * can be used to reference the device object. Also Supports $filter (eq, ne, not, startsWith). + */ + deviceId?: NullableOption; + // For internal use only. Set to null. + deviceMetadata?: NullableOption; + // Ownership of the device. This property is set by Intune. Possible values are: unknown, company, personal. + deviceOwnership?: NullableOption; + // For internal use only. + deviceVersion?: NullableOption; /** - * The certificate payload of the application. This is computed by hashing the certificate information on the client. - * Example: `32c220482c68413fbf8290e3b1e49b0a85901cfcd62ab0738760568a2a6e8a50` + * The display name for the device. Required. Supports $filter (eq, ne, not, ge, le, in, startsWith, and eq on null + * values), $search, and $orderby. */ - certificatePayload?: NullableOption; + displayName?: NullableOption; + // The on-premises domain name of Microsoft Entra hybrid joined devices. This property is set by Intune. + domainName?: NullableOption; /** - * The company name of the application. This value is set by the creator of the application. Example: `Microsoft - * Corporation` + * Enrollment profile applied to the device. For example, Apple Device Enrollment Profile, Device enrollment - Corporate + * device identifiers, or Windows Autopilot profile name. This property is set by Intune. */ - companyName?: NullableOption; - // The Intune deviceId. Unique identifier for the managed device. Example: `92ce5047-9553-4731-817f-9b401a999a1b` - deviceId?: NullableOption; - // The name associated with the device in the intune database. Example: `JOHNDOE-LAPTOP`. - deviceName?: NullableOption; + enrollmentProfileName?: NullableOption; /** - * Indicates the type of elevation on the application. Possible values are `undetermined`, `unmanagedElevation`, - * `zeroTouchElevation`, `userConfirmedElevation`, and `supportApprovedElevation`. Defaults to `undetermined` + * Enrollment type of the device. This property is set by Intune. Possible values are: unknown, userEnrollment, + * deviceEnrollmentManager, appleBulkWithUser, appleBulkWithoutUser, windowsAzureADJoin, windowsBulkUserless, + * windowsAutoEnrollment, windowsBulkAzureDomainJoin, windowsCoManagement. */ - elevationType?: PrivilegeManagementElevationType; - // The date and time when the application was elevated. Example:`2014-01-01T00:00:00Z` - eventDateTime?: string; + enrollmentType?: NullableOption; /** - * The file description of the application. This value is set by the creator of the application. Example: `Editor of - * multiple coding languages.` + * Contains extension attributes 1-15 for the device. The individual extension attributes aren't selectable. These + * properties are mastered in cloud and can be set during creation or update of a device object in Microsoft Entra ID. + * Supports $filter (eq, not, startsWith, and eq on null values). */ - fileDescription?: NullableOption; - // The full file path of the application including the filename and file extension. Example: `C:\Program Files\vscode.exe` - filePath?: NullableOption; - // The version of the application. This value is set by the creator of the application. Example: `6.2211.1035.1000` - fileVersion?: NullableOption; - // The sha256 hash of the application. Example: `32c220482c68413fbf8290e3b1e49b0a85901cfcd62ab0738760568a2a6e8a57` - hash?: NullableOption; - // The internal name of the application. This value is set by the creator of the application. Example: `VS code` - internalName?: NullableOption; + extensionAttributes?: NullableOption; + // List of host names for the device. + hostnames?: NullableOption; /** - * The justification to elevate the application. This is an input by the user when the privilegeManagementElevationType is - * of type userConfirmedElevation or support approved elevation. This will be null in all other scenarios. The length is - * capped at 256 char, enforced on the client side. Example: `To install debug tool.`. + * true if the device complies with Mobile Device Management (MDM) policies; otherwise, false. Read-only. This can only be + * updated by Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, + * not). */ - justification?: NullableOption; + isCompliant?: NullableOption; /** - * The name of parent process associated with the elevated process. This is always populated for both parent and child - * process types + * true if the device is managed by a Mobile Device Management (MDM) app; otherwise, false. This can only be updated by + * Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). */ - parentProcessName?: NullableOption; - // Unique Identifier of the policy configured to run the application with elevated access - policyId?: NullableOption; - // The name of the policy configured to run the application in elevated access - policyName?: NullableOption; - // Indicates the type of process that is elevated. Possible values are `undefined`, `parent` and `child` - processType?: PrivilegeManagementProcessType; - // The product name of the application. This value is set by the creator of the application. Example: `Visual Studio` - productName?: NullableOption; + isManaged?: NullableOption; /** - * The result of the elevation action with 0 being success, and everything else being exit code if the elevation was - * unsuccessful. The value will always be 0 on all unmanaged elevation. Example: `0`. Valid values 0 to 2147483647 + * Indicates whether the device is a member of a restricted management administrative unit, in which case it requires a + * role scoped to the restricted administrative unit to manage. The default value is false. Read-only. To manage a device + * that's a member of a restricted administrative unit, the calling app must be assigned the Directory.Write.Restricted + * permission. For delegated scenarios, the administrators must also be explicitly assigned supported roles at the + * restricted administrative unit scope. */ - result?: number; - // Unique identifier of the rule configured to run the application with elevated access - ruleId?: NullableOption; - // The User Principal Name of the user who performed the elevation. Example: `john@domain.com` - upn?: NullableOption; + isManagementRestricted?: NullableOption; + // true if device is rooted; false if device is jail-broken. This can only be updated by Intune. + isRooted?: NullableOption; + // Form factor of the device. Only returned if the user signs in with a Microsoft account as part of Project Rome. + kind?: NullableOption; /** - * The type of account performed the elevation on Windows. Possible values are: `undetermined`, `azureAd`, `hybrid`, and - * `local`. Defaults to `undetermined`. + * Management channel of the device. This property is set by Intune. Possible values are: eas, mdm, easMdm, intuneClient, + * easIntuneClient, configurationManagerClient, configurationManagerClientMdm, configurationManagerClientMdmEas, unknown, + * jamf, googleCloudDevicePolicyController. */ - userType?: PrivilegeManagementEndUserType; + managementType?: NullableOption; + // Manufacturer of the device. Read-only. + manufacturer?: NullableOption; + // Application identifier used to register device into MDM. Read-only. Supports $filter (eq, ne, not, startsWith). + mdmAppId?: NullableOption; + // Model of the device. Read-only. + model?: NullableOption; + // Friendly name of the device. Only returned if user signs in with a Microsoft account as part of Project Rome. + name?: NullableOption; + /** + * The last time at which the object was synced with the on-premises directory. The Timestamp type represents date and + * time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z Read-only. Supports $filter (eq, ne, not, ge, le, in). + */ + onPremisesLastSyncDateTime?: NullableOption; + /** + * The on-premises security identifier (SID) for the user who was synchronized from on-premises to the cloud. Read-only. + * Returned only on $select. Supports $filter (eq). + */ + onPremisesSecurityIdentifier?: NullableOption; + /** + * true if this object is synced from an on-premises directory; false if this object was originally synced from an + * on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory + * (default). Read-only. Supports $filter (eq, ne, not, in, and eq on null values). + */ + onPremisesSyncEnabled?: NullableOption; + /** + * The type of operating system on the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null + * values). + */ + operatingSystem?: NullableOption; + /** + * Operating system version of the device. Required. Supports $filter (eq, ne, not, ge, le, startsWith, and eq on null + * values). + */ + operatingSystemVersion?: NullableOption; + // For internal use only. Not nullable. Supports $filter (eq, not, ge, le, startsWith, /$count eq 0, /$count ne 0. + physicalIds?: string[]; + // Platform of device. Only returned if the user signs in with a Microsoft account as part of Project Rome. + platform?: NullableOption; + // The profile type of the device. Possible values: RegisteredDevice (default), SecureVM, Printer, Shared, IoT. + profileType?: NullableOption; + /** + * Date and time of when the device was registered. The timestamp type represents date and time information using ISO 8601 + * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + */ + registrationDateTime?: NullableOption; + // Device is online or offline. Only returned if user signs in with a Microsoft account as part of Project Rome. + status?: NullableOption; + // List of labels applied to the device by the system. Supports $filter (/$count eq 0, /$count ne 0). + systemLabels?: string[]; + /** + * Type of trust for the joined device. Read-only. Possible values: Workplace (indicates bring your own personal devices), + * AzureAd (Cloud only joined devices), ServerAd (on-premises domain joined devices joined to Microsoft Entra ID). For + * more information, see Introduction to device management in Microsoft Entra ID. + */ + trustType?: NullableOption; + // Set of commands sent to this device. + commands?: NullableOption; + // The collection of open extensions defined for the device. Read-only. Nullable. + extensions?: NullableOption; + // Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. + memberOf?: NullableOption; + /** + * The user that cloud joined the device or registered their personal device. The registered owner is set at the time of + * registration. Read-only. Nullable. Supports $expand. + */ + registeredOwners?: NullableOption; + /** + * Collection of registered users of the device. For cloud joined devices and registered personal devices, registered + * users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports + * $expand. + */ + registeredUsers?: NullableOption; + // Groups and administrative units that this device is a member of. This operation is transitive. Supports $expand. + transitiveMemberOf?: NullableOption; + // Represents the usage rights a device has been granted. + usageRights?: NullableOption; } -export interface RemoteActionAudit extends Entity { +export interface DeviceAndAppManagementAssignmentFilter extends Entity { /** - * The action name. Possible values are: unknown, factoryReset, removeCompanyData, resetPasscode, remoteLock, - * enableLostMode, disableLostMode, locateDevice, rebootNow, recoverPasscode, cleanWindowsDevice, - * logoutSharedAppleDeviceActiveUser, quickScan, fullScan, windowsDefenderUpdateSignatures, - * factoryResetKeepEnrollmentData, updateDeviceAccount, automaticRedeployment, shutDown, rotateBitLockerKeys, - * rotateFileVaultKey, getFileVaultKey, setDeviceName, activateDeviceEsim, deprovision, disable, reenable, - * moveDeviceToOrganizationalUnit, initiateMobileDeviceManagementKeyRecovery, initiateOnDemandProactiveRemediation, - * rotateLocalAdminPassword, unknownFutureValue, launchRemoteHelp, revokeAppleVppLicenses, - * removeDeviceFirmwareConfigurationInterfaceManagement. + * Indicates filter is applied to either 'devices' or 'apps' management type. Possible values are devices, apps. Default + * filter will be applied to 'devices'. Possible values are: devices, apps, unknownFutureValue. */ - action?: RemoteAction; - // Action state. Possible values are: none, pending, canceled, active, done, failed, notSupported. - actionState?: ActionState; - // Intune device name. + assignmentFilterManagementType?: AssignmentFilterManagementType; + /** + * The creation time of the assignment filter. The value cannot be modified and is automatically populated during new + * assignment filter process. The timestamp type represents date and time information using ISO 8601 format and is always + * in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. + */ + createdDateTime?: string; + // Optional description of the Assignment Filter. + description?: NullableOption; + // The name of the Assignment Filter. + displayName?: string; + /** + * Last modified time of the Assignment Filter. The timestamp type represents date and time information using ISO 8601 + * format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z' + */ + lastModifiedDateTime?: string; + // Indicates associated assignments for a specific filter. + payloads?: NullableOption; + /** + * Indicates filter is applied to which flatform. Possible values are + * android,androidForWork,iOS,macOS,windowsPhone81,windows81AndLater,windows10AndLater,androidWorkProfile, unknown, + * androidAOSP, androidMobileApplicationManagement, iOSMobileApplicationManagement, windowsMobileApplicationManagement. + * Default filter will be applied to 'unknown'. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, + * windows81AndLater, windows10AndLater, androidWorkProfile, unknown, androidAOSP, androidMobileApplicationManagement, + * iOSMobileApplicationManagement, unknownFutureValue, windowsMobileApplicationManagement. + */ + platform?: DevicePlatformType; + // Indicates role scope tags assigned for the assignment filter. + roleScopeTags?: NullableOption; + // Rule definition of the assignment filter. + rule?: string; +} +export interface DeviceAndAppManagementRoleAssignment extends RoleAssignment { + // The list of ids of role member security groups. These are IDs from Azure Active Directory. + members?: NullableOption; + // The set of Role Scope Tags defined on the Role Assignment. + roleScopeTags?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface DeviceAndAppManagementRoleDefinition extends RoleDefinition {} +export interface DeviceAppManagement extends Entity { + // Whether the account is enabled for syncing applications from the Microsoft Store for Business. + isEnabledForMicrosoftStoreForBusiness?: boolean; + /** + * The locale information used to sync applications from the Microsoft Store for Business. Cultures that are specific to a + * country/region. The names of these cultures follow RFC 4646 (Windows Vista and later). The format is + * -<country/regioncode2>, where is a lowercase two-letter code derived from ISO 639-1 and + * <country/regioncode2> is an uppercase two-letter code derived from ISO 3166. For example, en-US for + * English (United States) is a specific culture. + */ + microsoftStoreForBusinessLanguage?: NullableOption; + // The last time an application sync from the Microsoft Store for Business was completed. + microsoftStoreForBusinessLastCompletedApplicationSyncTime?: string; + // The last time the apps from the Microsoft Store for Business were synced successfully for the account. + microsoftStoreForBusinessLastSuccessfulSyncDateTime?: string; + /** + * The end user portal information is used to sync applications from the Microsoft Store for Business to Intune Company + * Portal. There are three options to pick from ['Company portal only', 'Company portal and private store', 'Private store + * only']. Possible values are: none, companyPortal, privateStore. + */ + microsoftStoreForBusinessPortalSelection?: MicrosoftStoreForBusinessPortalSelectionOptions; + // Android managed app policies. + androidManagedAppProtections?: NullableOption; + // Default managed app policies. + defaultManagedAppProtections?: NullableOption; + // Device app management tasks. + deviceAppManagementTasks?: NullableOption; + // The Windows Enterprise Code Signing Certificate. + enterpriseCodeSigningCertificates?: NullableOption; + // The IOS Lob App Provisioning Configurations. + iosLobAppProvisioningConfigurations?: NullableOption; + // iOS managed app policies. + iosManagedAppProtections?: NullableOption; + // Managed app policies. + managedAppPolicies?: NullableOption; + // The managed app registrations. + managedAppRegistrations?: NullableOption; + // The managed app statuses. + managedAppStatuses?: NullableOption; + // The mobile eBook categories. + managedEBookCategories?: NullableOption; + // The Managed eBook. + managedEBooks?: NullableOption; + // Windows information protection for apps running on devices which are MDM enrolled. + mdmWindowsInformationProtectionPolicies?: NullableOption; + // MobileAppCatalogPackage entities. + mobileAppCatalogPackages?: NullableOption; + // The mobile app categories. + mobileAppCategories?: NullableOption; + // The Managed Device Mobile Application Configurations. + mobileAppConfigurations?: NullableOption; + // The mobile apps. + mobileApps?: NullableOption; + // The PolicySet of Policies and Applications + policySets?: NullableOption; + // The WinPhone Symantec Code Signing Certificate. + symantecCodeSigningCertificate?: NullableOption; + // Targeted managed app configurations. + targetedManagedAppConfigurations?: NullableOption; + // List of Vpp tokens for this organization. + vppTokens?: NullableOption; + // The collection of Windows Defender Application Control Supplemental Policies. + wdacSupplementalPolicies?: NullableOption; + // Windows information protection device registrations that are not MDM enrolled. + windowsInformationProtectionDeviceRegistrations?: NullableOption; + // Windows information protection for apps running on devices which are not MDM enrolled. + windowsInformationProtectionPolicies?: NullableOption; + // Windows information protection wipe actions. + windowsInformationProtectionWipeActions?: NullableOption; + // Windows managed app policies. + windowsManagedAppProtections?: NullableOption; + // Windows management app. + windowsManagementApp?: NullableOption; +} +export interface DeviceAppManagementTask extends Entity { + // The name or email of the admin this task is assigned to. + assignedTo?: NullableOption; + // The category. Possible values are: unknown, advancedThreatProtection. + category?: DeviceAppManagementTaskCategory; + // The created date. + createdDateTime?: string; + // The email address of the creator. + creator?: NullableOption; + // Notes from the creator. + creatorNotes?: NullableOption; + // The description. + description?: NullableOption; + // The name. + displayName?: NullableOption; + // The due date. + dueDateTime?: string; + // The priority. Possible values are: none, high, low. + priority?: DeviceAppManagementTaskPriority; + // The status. Possible values are: unknown, pending, active, completed, rejected. + status?: DeviceAppManagementTaskStatus; +} +export interface DeviceCategory extends Entity { + // Optional description for the device category. + description?: NullableOption; + // Display name for the device category. + displayName?: NullableOption; + // Optional role scope tags for the device category. + roleScopeTagIds?: NullableOption; +} +export interface DeviceComanagementAuthorityConfiguration extends DeviceEnrollmentConfiguration { + // CoManagement Authority configuration ConfigurationManagerAgentCommandLineArgument + configurationManagerAgentCommandLineArgument?: NullableOption; + // CoManagement Authority configuration InstallConfigurationManagerAgent + installConfigurationManagerAgent?: boolean; + // CoManagement Authority configuration ManagedDeviceAuthority + managedDeviceAuthority?: number; +} +export interface DeviceComplianceActionItem extends Entity { + /** + * What action to take. Possible values are: noAction, notification, block, retire, wipe, removeResourceAccessProfiles, + * pushNotification, remoteLock. + */ + actionType?: DeviceComplianceActionType; + // Number of hours to wait till the action will be enforced. Valid values 0 to 8760 + gracePeriodHours?: number; + // A list of group IDs to speicify who to CC this notification message to. + notificationMessageCCList?: NullableOption; + // What notification Message template to use + notificationTemplateId?: NullableOption; +} +export interface DeviceComplianceDeviceOverview extends Entity { + // Version of the policy for that overview + configurationVersion?: number; + // Number of devices in conflict + conflictCount?: number; + // Number of error devices + errorCount?: number; + // Number of failed devices + failedCount?: number; + // Last update time + lastUpdateDateTime?: string; + // Number of not applicable devices + notApplicableCount?: number; + // Number of not applicable devices due to mismatch platform and policy + notApplicablePlatformCount?: number; + // Number of pending devices + pendingCount?: number; + // Number of succeeded devices + successCount?: number; +} +export interface DeviceComplianceDeviceStatus extends Entity { + // The DateTime when device compliance grace period expires + complianceGracePeriodExpirationDateTime?: string; + // Device name of the DevicePolicyStatus. deviceDisplayName?: NullableOption; - // IMEI of the device. - deviceIMEI?: NullableOption; - // Upn of the device owner. - deviceOwnerUserPrincipalName?: NullableOption; - // User who initiated the device action, format is UPN. - initiatedByUserPrincipalName?: NullableOption; - // Action target. - managedDeviceId?: NullableOption; - // Time when the action was issued, given in UTC. - requestDateTime?: string; - // [deprecated] Please use InitiatedByUserPrincipalName instead. + // The device model that is being reported + deviceModel?: NullableOption; + // Last modified date time of the policy report. + lastReportedDateTime?: string; + // Platform of the device that is being reported + platform?: number; + /** + * Compliance status of the policy report. Possible values are: unknown, notApplicable, compliant, remediated, + * nonCompliant, error, conflict, notAssigned. + */ + status?: ComplianceStatus; + // The User Name that is being reported userName?: NullableOption; + // UserPrincipalName. + userPrincipalName?: NullableOption; +} +export interface DeviceCompliancePolicy extends Entity { + // DateTime the object was created. + createdDateTime?: string; + // Admin provided description of the Device Configuration. + description?: NullableOption; + // Admin provided name of the device configuration. + displayName?: string; + // DateTime the object was last modified. + lastModifiedDateTime?: string; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; + // Version of the device configuration. + version?: number; + // The collection of assignments for this compliance policy. + assignments?: NullableOption; + // Compliance Setting State Device Summary + deviceSettingStateSummaries?: NullableOption; + // List of DeviceComplianceDeviceStatus. + deviceStatuses?: NullableOption; + // Device compliance devices status overview + deviceStatusOverview?: NullableOption; + // The list of scheduled action for this rule + scheduledActionsForRule?: NullableOption; + // List of DeviceComplianceUserStatus. + userStatuses?: NullableOption; + // Device compliance users status overview + userStatusOverview?: NullableOption; +} +export interface DeviceCompliancePolicyAssignment extends Entity { + /** + * The assignment source for the device compliance policy, direct or parcel/policySet. Possible values are: direct, + * policySets. + */ + source?: DeviceAndAppManagementAssignmentSource; + // The identifier of the source of the assignment. + sourceId?: NullableOption; + // Target for the compliance policy assignment. + target?: NullableOption; +} +export interface DeviceCompliancePolicyDeviceStateSummary extends Entity { + // Number of compliant devices + compliantDeviceCount?: number; + // Number of devices that have compliance managed by System Center Configuration Manager + configManagerCount?: number; + // Number of conflict devices + conflictDeviceCount?: number; + // Number of error devices + errorDeviceCount?: number; + // Number of devices that are in grace period + inGracePeriodCount?: number; + // Number of NonCompliant devices + nonCompliantDeviceCount?: number; + // Number of not applicable devices + notApplicableDeviceCount?: number; + // Number of remediated devices + remediatedDeviceCount?: number; + // Number of unknown devices + unknownDeviceCount?: number; +} +export interface DeviceCompliancePolicyGroupAssignment extends Entity { + // Indicates if this group is should be excluded. Defaults that the group should be included + excludeGroup?: boolean; + // The Id of the AAD group we are targeting the device compliance policy to. + targetGroupId?: NullableOption; + // The navigation link to the device compliance polic targeted. + deviceCompliancePolicy?: NullableOption; } // tslint:disable-next-line: no-empty-interface -export interface TenantAttachRBAC extends Entity {} -export interface UserExperienceAnalyticsAnomaly extends Entity { - // Indicates the first occurrence date and time for the anomaly. - anomalyFirstOccurrenceDateTime?: string; - // The unique identifier of the anomaly. - anomalyId?: NullableOption; - // Indicates the latest occurrence date and time for the anomaly. - anomalyLatestOccurrenceDateTime?: string; - // The name of the anomaly. - anomalyName?: NullableOption; +export interface DeviceCompliancePolicyPolicySetItem extends PolicySetItem {} +export interface DeviceCompliancePolicySettingStateSummary extends Entity { + // Number of compliant devices + compliantDeviceCount?: number; + // Number of conflict devices + conflictDeviceCount?: number; + // Number of error devices + errorDeviceCount?: number; + // Number of NonCompliant devices + nonCompliantDeviceCount?: number; + // Number of not applicable devices + notApplicableDeviceCount?: number; /** - * The category of the anomaly. Possible values are: device, application, stopError, driver or other. Possible values are: - * device, application, stopError, driver, other, unknownFutureValue. + * Setting platform. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, windows81AndLater, + * windows10AndLater, androidWorkProfile, windows10XProfile, androidAOSP, all. */ - anomalyType?: UserExperienceAnalyticsAnomalyType; - // The name of the application or module that caused the anomaly. - assetName?: NullableOption; - // The publisher of the application or module that caused the anomaly. - assetPublisher?: NullableOption; - // The version of the application or module that caused the anomaly. - assetVersion?: NullableOption; - // The unique identifier of the anomaly detection model. - detectionModelId?: NullableOption; - // The number of devices impacted by the anomaly. Valid values -2147483648 to 2147483647 - deviceImpactedCount?: number; - // The unique identifier of the anomaly detection model. - issueId?: NullableOption; + platformType?: PolicyPlatformType; + // Number of remediated devices + remediatedDeviceCount?: number; + // The setting class name and property name. + setting?: NullableOption; + // Name of the setting. + settingName?: NullableOption; + // Number of unknown devices + unknownDeviceCount?: number; + deviceComplianceSettingStates?: NullableOption; +} +export interface DeviceCompliancePolicyState extends Entity { + // The name of the policy for this policyBase + displayName?: NullableOption; + // Platform type that the policy applies to + platformType?: PolicyPlatformType; + // Count of how many setting a policy holds + settingCount?: number; + settingStates?: NullableOption; + // The compliance state of the policy + state?: ComplianceStatus; + // User unique identifier, must be Guid + userId?: NullableOption; + // User Principal Name + userPrincipalName?: NullableOption; + // The version of the policy + version?: number; +} +export interface DeviceComplianceScheduledActionForRule extends Entity { /** - * The severity of the anomaly. Possible values are: high, medium, low, informational or other. Possible values are: high, - * medium, low, informational, other, unknownFutureValue. + * Name of the rule which this scheduled action applies to. Currently scheduled actions are created per policy instead of + * per rule, thus RuleName is always set to default value PasswordRequired. */ - severity?: UserExperienceAnalyticsAnomalySeverity; + ruleName?: NullableOption; /** - * The state of the anomaly. Possible values are: new, active, disabled, removed or other. Possible values are: new, - * active, disabled, removed, other, unknownFutureValue. + * The list of scheduled action configurations for this compliance policy. Compliance policy must have one and only one + * block scheduled action. */ - state?: UserExperienceAnalyticsAnomalyState; + scheduledActionConfigurations?: NullableOption; } -export interface UserExperienceAnalyticsAnomalyCorrelationGroupOverview extends Entity { - // Indicates the number of correlation groups in the anomaly. Valid values -2147483648 to 2147483647 - anomalyCorrelationGroupCount?: number; - /** - * The unique identifier of the anomaly. Anomaly details such as name and type can be found in the - * UserExperienceAnalyticsAnomalySeverityOverview entity. - */ - anomalyId?: NullableOption; +export interface DeviceComplianceScript extends Entity { + // The timestamp of when the device compliance script was created. This property is read-only. + createdDateTime?: string; + // Description of the device compliance script + description?: NullableOption; + // The entire content of the detection powershell script + detectionScriptContent?: NullableOption; + // Name of the device compliance script + displayName?: NullableOption; + // Indicate whether the script signature needs be checked + enforceSignatureCheck?: boolean; + // The timestamp of when the device compliance script was modified. This property is read-only. + lastModifiedDateTime?: string; + // Name of the device compliance script publisher + publisher?: NullableOption; + // List of Scope Tag IDs for the device compliance script + roleScopeTagIds?: NullableOption; + // Indicate whether PowerShell script(s) should run as 32-bit + runAs32Bit?: boolean; + // Indicates the type of execution context. Possible values are: system, user. + runAsAccount?: RunAsAccountType; + // Version of the device compliance script + version?: NullableOption; + // The list of group assignments for the device compliance script + assignments?: NullableOption; + // List of run states for the device compliance script across all devices + deviceRunStates?: NullableOption; + // High level run summary for device compliance script. + runSummary?: NullableOption; +} +export interface DeviceComplianceScriptDeviceState extends Entity { /** - * Indicates the total number of devices affected by the anomaly in the correlation group. Valid values -2147483648 to - * 2147483647 + * Detection state from the lastest device compliance script execution. Possible values are: unknown, success, fail, + * scriptError, pending, notApplicable. */ - correlationGroupAnomalousDeviceCount?: number; - // Indicates the total number of devices at risk in the correlation group. Valid values -2147483648 to 2147483647 - correlationGroupAtRiskDeviceCount?: number; - // Indicates the total number of devices in a correlation group. Valid values -2147483648 to 2147483647 - correlationGroupDeviceCount?: number; - // Describes the features of a device that are shared between all devices in a correlation group. - correlationGroupFeatures?: NullableOption; + detectionState?: RunState; + // The next timestamp of when the device compliance script is expected to execute + expectedStateUpdateDateTime?: NullableOption; + // The last timestamp of when the device compliance script executed + lastStateUpdateDateTime?: string; + // The last time that Intune Managment Extension synced with Intune + lastSyncDateTime?: string; + // Error from the detection script + scriptError?: NullableOption; + // Output of the detection script + scriptOutput?: NullableOption; + // The managed device on which the device compliance script executed + managedDevice?: NullableOption; +} +export interface DeviceComplianceScriptRunSummary extends Entity { /** - * The unique identifier for the correlation group which will uniquely identify one of the correlation group within an - * anomaly. The correlation Id can be mapped to the correlation group name by concatinating the correlation group - * features. Example of correlation group name which is the indicative of concatenated features names are for names, - * Contoso manufacture 4.4.1 and Windows 11.22621.1485. + * Number of devices on which the detection script execution encountered an error and did not complete. Valid values + * -2147483648 to 2147483647 */ - correlationGroupId?: NullableOption; + detectionScriptErrorDeviceCount?: number; /** - * The prevalence of the correlation group. Possible values are: high, medium or low. Possible values are: high, medium, - * low, unknownFutureValue. + * Number of devices which have not yet run the latest version of the device compliance script. Valid values -2147483648 + * to 2147483647 */ - correlationGroupPrevalence?: UserExperienceAnalyticsAnomalyCorrelationGroupPrevalence; + detectionScriptPendingDeviceCount?: number; + // Number of devices for which the detection script found an issue. Valid values -2147483648 to 2147483647 + issueDetectedDeviceCount?: number; + // Last run time for the script across all devices + lastScriptRunDateTime?: NullableOption; /** - * The percentage of the devices in the correlation group that are anomalous. Valid values -1.79769313486232E+308 to - * 1.79769313486232E+308 + * Number of devices for which the detection script did not find an issue and the device is healthy. Valid values + * -2147483648 to 2147483647 */ - correlationGroupPrevalencePercentage?: number; - // Indicates the total number of devices in the tenant. Valid values -2147483648 to 2147483647 - totalDeviceCount?: number; + noIssueDetectedDeviceCount?: number; } -export interface UserExperienceAnalyticsAnomalyDevice extends Entity { - // The unique identifier of the anomaly. - anomalyId?: NullableOption; - // Indicates the first occurance date and time for the anomaly on the device. - anomalyOnDeviceFirstOccurrenceDateTime?: string; - // Indicates the latest occurance date and time for the anomaly on the device. - anomalyOnDeviceLatestOccurrenceDateTime?: string; - // The unique identifier of the correlation group. - correlationGroupId?: NullableOption; - // The unique identifier of the device. +export interface DeviceComplianceSettingState extends Entity { + // The DateTime when device compliance grace period expires + complianceGracePeriodExpirationDateTime?: string; + // The Device Id that is being reported deviceId?: NullableOption; - // The manufacturer name of the device. - deviceManufacturer?: NullableOption; - // The model name of the device. + // The device model that is being reported deviceModel?: NullableOption; - // The name of the device. + // The Device Name that is being reported deviceName?: NullableOption; /** - * Indicates the device status with respect to the correlation group. At risk devices are devices that share correlation - * group features but may not yet be affected by an anomaly, such as when a device is experiencing crashes on an - * application but that application has not been used on the device but is currently installed. This could lead to the - * device becoming anomalous if the application in question were to be used. Possible values are: anomolous, affected or - * atRisk. Possible values are: anomalous, affected, atRisk, unknownFutureValue. - */ - deviceStatus?: UserExperienceAnalyticsDeviceStatus; - // The name of the OS installed on the device. - osName?: NullableOption; - // The OS version installed on the device. - osVersion?: NullableOption; -} -export interface UserExperienceAnalyticsAppHealthApplicationPerformance extends Entity { - /** - * The health score of the application. Valid values 0 to 100. Supports: $filter, $select, $OrderBy. Read-only. Valid - * values -2147483648 to 2147483647 - */ - activeDeviceCount?: number; - /** - * The number of crashes for the application. Valid values 0 to 2147483647. Supports: $select, $OrderBy. Read-only. Valid - * values -2147483648 to 2147483647 - */ - appCrashCount?: number; - // The friendly name of the application. Possible values are: Outlook, Excel. Supports: $select, $OrderBy. Read-only. - appDisplayName?: NullableOption; - // The number of hangs for the application. Supports: $select, $OrderBy. Read-only. Valid values -2147483648 to 2147483647 - appHangCount?: number; - /** - * The health score of the application. Valid values 0 to 100. Supports: $filter, $select, $OrderBy. Read-only. Valid - * values -1.79769313486232E+308 to 1.79769313486232E+308 - */ - appHealthScore?: number; - // The name of the application. Possible values are: outlook.exe, excel.exe. Supports: $select, $OrderBy. Read-only. - appName?: NullableOption; - // The publisher of the application. Supports: $select, $OrderBy. Read-only. - appPublisher?: NullableOption; - /** - * The total usage time of the application in minutes. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * Device platform type. Possible values are: desktop, windowsRT, winMO6, nokia, windowsPhone, mac, winCE, winEmbedded, + * iPhone, iPad, iPod, android, iSocConsumer, unix, macMDM, holoLens, surfaceHub, androidForWork, androidEnterprise, + * windows10x, androidnGMS, chromeOS, linux, blackberry, palm, unknown, cloudPC. */ - appUsageDuration?: number; + platformType?: DeviceType; + // The setting class name and property name. + setting?: NullableOption; + // The Setting Name that is being reported + settingName?: NullableOption; /** - * The mean time to failure for the application in minutes. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * The compliance state of the setting. Possible values are: unknown, notApplicable, compliant, remediated, nonCompliant, + * error, conflict, notAssigned. */ - meanTimeToFailureInMinutes?: number; + state?: ComplianceStatus; + // The User email address that is being reported + userEmail?: NullableOption; + // The user Id that is being reported + userId?: NullableOption; + // The User Name that is being reported + userName?: NullableOption; + // The User PrincipalName that is being reported + userPrincipalName?: NullableOption; } -export interface UserExperienceAnalyticsAppHealthAppPerformanceByAppVersion extends Entity { - /** - * The number of crashes for the application. Valid values 0 to 2147483647. Supports: $select, $OrderBy. Read-only. Valid - * values -2147483648 to 2147483647 - */ - appCrashCount?: number; - // The friendly name of the application. Possible values are: Outlook, Excel. Supports: $select, $OrderBy. Read-only. - appDisplayName?: NullableOption; - // The name of the application. Possible values are: outlook.exe, excel.exe. Supports: $select, $OrderBy. Read-only. - appName?: NullableOption; - // The publisher of the application. Supports: $select, $OrderBy. Read-only. - appPublisher?: NullableOption; - /** - * The total usage time of the application in minutes. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 - */ - appUsageDuration?: number; - // The version of the application. - appVersion?: NullableOption; - /** - * The mean time to failure for the application in minutes. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 - */ - meanTimeToFailureInMinutes?: number; +export interface DeviceComplianceUserOverview extends Entity { + // Version of the policy for that overview + configurationVersion?: number; + // Number of users in conflict + conflictCount?: number; + // Number of error Users + errorCount?: number; + // Number of failed Users + failedCount?: number; + // Last update time + lastUpdateDateTime?: string; + // Number of not applicable users + notApplicableCount?: number; + // Number of pending Users + pendingCount?: number; + // Number of succeeded Users + successCount?: number; } -export interface UserExperienceAnalyticsAppHealthAppPerformanceByAppVersionDetails extends Entity { - // The number of crashes for the app. Valid values -2147483648 to 2147483647 - appCrashCount?: number; - // The friendly name of the application. - appDisplayName?: NullableOption; - // The name of the application. - appName?: NullableOption; - // The publisher of the application. - appPublisher?: NullableOption; - // The version of the application. - appVersion?: NullableOption; +export interface DeviceComplianceUserStatus extends Entity { + // Devices count for that user. + devicesCount?: number; + // Last modified date time of the policy report. + lastReportedDateTime?: string; /** - * The total number of devices that have reported one or more application crashes for this application and version. Valid - * values 0 to 2147483647. Supports: $select, $OrderBy. Read-only. Valid values -2147483648 to 2147483647 + * Compliance status of the policy report. Possible values are: unknown, notApplicable, compliant, remediated, + * nonCompliant, error, conflict, notAssigned. */ - deviceCountWithCrashes?: number; + status?: ComplianceStatus; + // User name of the DevicePolicyStatus. + userDisplayName?: NullableOption; + // UserPrincipalName. + userPrincipalName?: NullableOption; +} +export interface DeviceConfiguration extends Entity { + // DateTime the object was created. + createdDateTime?: string; + // Admin provided description of the Device Configuration. + description?: NullableOption; + // The device mode applicability rule for this Policy. + deviceManagementApplicabilityRuleDeviceMode?: NullableOption; + // The OS edition applicability for this Policy. + deviceManagementApplicabilityRuleOsEdition?: NullableOption; + // The OS version applicability rule for this Policy. + deviceManagementApplicabilityRuleOsVersion?: NullableOption; + // Admin provided name of the device configuration. + displayName?: string; + // DateTime the object was last modified. + lastModifiedDateTime?: string; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; /** - * When TRUE, indicates the version of application is the latest version for that application that is in use. When FALSE, - * indicates the version is not the latest version. FALSE by default. Supports: $select, $OrderBy. + * Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the + * ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This + * occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the + * Azure Portal. This property is read-only. */ - isLatestUsedVersion?: boolean; + supportsScopeTags?: boolean; + // Version of the device configuration. + version?: number; + // The list of assignments for the device configuration profile. + assignments?: NullableOption; + // Device Configuration Setting State Device Summary + deviceSettingStateSummaries?: NullableOption; + // Device configuration installation status by device. + deviceStatuses?: NullableOption; + // Device Configuration devices status overview + deviceStatusOverview?: NullableOption; + // The list of group assignments for the device configuration profile. + groupAssignments?: NullableOption; + // Device configuration installation status by user. + userStatuses?: NullableOption; + // Device Configuration users status overview + userStatusOverview?: NullableOption; +} +export interface DeviceConfigurationAssignment extends Entity { + // The admin intent to apply or remove the profile. Possible values are: apply, remove. + intent?: NullableOption; /** - * When TRUE, indicates the version of application is the most used version for that application. When FALSE, indicates - * the version is not the most used version. FALSE by default. Supports: $select, $OrderBy. Read-only. + * The assignment source for the device configuration, direct or parcel/policySet. This property is read-only. Possible + * values are: direct, policySets. */ - isMostUsedVersion?: boolean; + source?: DeviceAndAppManagementAssignmentSource; + // The identifier of the source of the assignment. This property is read-only. + sourceId?: NullableOption; + // The assignment target for the device configuration. + target?: NullableOption; } -export interface UserExperienceAnalyticsAppHealthAppPerformanceByAppVersionDeviceId extends Entity { - // The number of crashes for the app. Valid values -2147483648 to 2147483647 - appCrashCount?: number; - // The friendly name of the application. - appDisplayName?: NullableOption; - // The name of the application. - appName?: NullableOption; - // The publisher of the application. - appPublisher?: NullableOption; - // The version of the application. - appVersion?: NullableOption; - // The name of the device. Supports: $select, $OrderBy. Read-only. +export interface DeviceConfigurationConflictSummary extends Entity { + // The set of policies in conflict with the given setting + conflictingDeviceConfigurations?: NullableOption; + // The set of settings in conflict with the given policies + contributingSettings?: NullableOption; + // The count of checkins impacted by the conflicting policies and settings + deviceCheckinsImpacted?: number; +} +export interface DeviceConfigurationDeviceOverview extends Entity { + // Version of the policy for that overview + configurationVersion?: number; + // Number of devices in conflict + conflictCount?: number; + // Number of error devices + errorCount?: number; + // Number of failed devices + failedCount?: number; + // Last update time + lastUpdateDateTime?: string; + // Number of not applicable devices + notApplicableCount?: number; + // Number of not applicable devices due to mismatch platform and policy + notApplicablePlatformCount?: number; + // Number of pending devices + pendingCount?: number; + // Number of succeeded devices + successCount?: number; +} +export interface DeviceConfigurationDeviceStateSummary extends Entity { + // Number of compliant devices + compliantDeviceCount?: number; + // Number of conflict devices + conflictDeviceCount?: number; + // Number of error devices + errorDeviceCount?: number; + // Number of NonCompliant devices + nonCompliantDeviceCount?: number; + // Number of not applicable devices + notApplicableDeviceCount?: number; + // Number of remediated devices + remediatedDeviceCount?: number; + // Number of unknown devices + unknownDeviceCount?: number; +} +export interface DeviceConfigurationDeviceStatus extends Entity { + // The DateTime when device compliance grace period expires + complianceGracePeriodExpirationDateTime?: string; + // Device name of the DevicePolicyStatus. deviceDisplayName?: NullableOption; - // The Intune device id of the device. Supports: $select, $OrderBy. Read-only. - deviceId?: NullableOption; + // The device model that is being reported + deviceModel?: NullableOption; + // Last modified date time of the policy report. + lastReportedDateTime?: string; + // Platform of the device that is being reported + platform?: number; /** - * The date and time when the statistics were last computed. The value cannot be modified and is automatically populated - * when the statistics are computed. The Timestamp type represents date and time information using ISO 8601 format and is - * always in UTC time. For example, midnight UTC on Jan 1, 2022 would look like this: '2022-01-01T00:00:00Z'. Returned by - * default. Read-only. + * Compliance status of the policy report. Possible values are: unknown, notApplicable, compliant, remediated, + * nonCompliant, error, conflict, notAssigned. */ - processedDateTime?: string; + status?: ComplianceStatus; + // The User Name that is being reported + userName?: NullableOption; + // UserPrincipalName. + userPrincipalName?: NullableOption; } -export interface UserExperienceAnalyticsAppHealthAppPerformanceByOSVersion extends Entity { - /** - * The number of devices where the application has been active. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 - */ - activeDeviceCount?: number; +export interface DeviceConfigurationGroupAssignment extends Entity { + // Indicates if this group is should be excluded. Defaults that the group should be included + excludeGroup?: boolean; + // The Id of the AAD group we are targeting the device configuration to. + targetGroupId?: NullableOption; + // The navigation link to the Device Configuration being targeted. + deviceConfiguration?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface DeviceConfigurationPolicySetItem extends PolicySetItem {} +export interface DeviceConfigurationState extends Entity { + // The name of the policy for this policyBase + displayName?: NullableOption; + // Platform type that the policy applies to + platformType?: PolicyPlatformType; + // Count of how many setting a policy holds + settingCount?: number; + settingStates?: NullableOption; + // The compliance state of the policy + state?: ComplianceStatus; + // User unique identifier, must be Guid + userId?: NullableOption; + // User Principal Name + userPrincipalName?: NullableOption; + // The version of the policy + version?: number; +} +export interface DeviceConfigurationUserOverview extends Entity { + // Version of the policy for that overview + configurationVersion?: number; + // Number of users in conflict + conflictCount?: number; + // Number of error Users + errorCount?: number; + // Number of failed Users + failedCount?: number; + // Last update time + lastUpdateDateTime?: string; + // Number of not applicable users + notApplicableCount?: number; + // Number of pending Users + pendingCount?: number; + // Number of succeeded Users + successCount?: number; +} +export interface DeviceConfigurationUserStateSummary extends Entity { + // Number of compliant users + compliantUserCount?: number; + // Number of conflict users + conflictUserCount?: number; + // Number of error users + errorUserCount?: number; + // Number of NonCompliant users + nonCompliantUserCount?: number; + // Number of not applicable users + notApplicableUserCount?: number; + // Number of remediated users + remediatedUserCount?: number; + // Number of unknown users + unknownUserCount?: number; +} +export interface DeviceConfigurationUserStatus extends Entity { + // Devices count for that user. + devicesCount?: number; + // Last modified date time of the policy report. + lastReportedDateTime?: string; /** - * The number of crashes for the application. Valid values 0 to 2147483647. Supports: $select, $OrderBy. Read-only. Valid - * values -2147483648 to 2147483647 + * Compliance status of the policy report. Possible values are: unknown, notApplicable, compliant, remediated, + * nonCompliant, error, conflict, notAssigned. */ - appCrashCount?: number; - // The friendly name of the application. Possible values are: Outlook, Excel. Supports: $select, $OrderBy. Read-only. - appDisplayName?: NullableOption; - // The name of the application. Possible values are: outlook.exe, excel.exe. Supports: $select, $OrderBy. Read-only. - appName?: NullableOption; - // The publisher of the application. Supports: $select, $OrderBy. Read-only. - appPublisher?: NullableOption; + status?: ComplianceStatus; + // User name of the DevicePolicyStatus. + userDisplayName?: NullableOption; + // UserPrincipalName. + userPrincipalName?: NullableOption; +} +export interface DeviceCustomAttributeShellScript extends Entity { + // The date and time the device management script was created. This property is read-only. + createdDateTime?: string; + // The name of the custom attribute. + customAttributeName?: NullableOption; + // The expected type of the custom attribute's value. Possible values are: integer, string, dateTime. + customAttributeType?: DeviceCustomAttributeValueType; + // Optional description for the device management script. + description?: NullableOption; + // Name of the device management script. + displayName?: NullableOption; + // Script file name. + fileName?: NullableOption; + // The date and time the device management script was last modified. This property is read-only. + lastModifiedDateTime?: string; + // List of Scope Tag IDs for this PowerShellScript instance. + roleScopeTagIds?: NullableOption; + // Indicates the type of execution context. Possible values are: system, user. + runAsAccount?: RunAsAccountType; + // The script content. + scriptContent?: NullableOption; + // The list of group assignments for the device management script. + assignments?: NullableOption; + // List of run states for this script across all devices. + deviceRunStates?: NullableOption; + // The list of group assignments for the device management script. + groupAssignments?: NullableOption; + // Run summary for device management script. + runSummary?: NullableOption; + // List of run states for this script across all users. + userRunStates?: NullableOption; +} +export interface DeviceEnrollmentConfiguration extends Entity { + // Created date time in UTC of the device enrollment configuration + createdDateTime?: string; + // The description of the device enrollment configuration + description?: NullableOption; /** - * The total usage time of the application in minutes. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * Support for Enrollment Configuration Type. Possible values are: unknown, limit, platformRestrictions, + * windowsHelloForBusiness, defaultLimit, defaultPlatformRestrictions, defaultWindowsHelloForBusiness, + * defaultWindows10EnrollmentCompletionPageConfiguration, windows10EnrollmentCompletionPageConfiguration, + * deviceComanagementAuthorityConfiguration, singlePlatformRestriction, unknownFutureValue, + * enrollmentNotificationsConfiguration. */ - appUsageDuration?: number; + deviceEnrollmentConfigurationType?: DeviceEnrollmentConfigurationType; + // The display name of the device enrollment configuration + displayName?: NullableOption; + // Last modified date time in UTC of the device enrollment configuration + lastModifiedDateTime?: string; /** - * The mean time to failure for the application in minutes. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject + * only to the configuration with the lowest priority value. */ - meanTimeToFailureInMinutes?: number; - // The OS build number of the application. Supports: $select, $OrderBy. Read-only. - osBuildNumber?: NullableOption; - // The OS version of the application. Supports: $select, $OrderBy. Read-only. - osVersion?: NullableOption; + priority?: number; + // Optional role scope tags for the enrollment restrictions. + roleScopeTagIds?: NullableOption; + // The version of the device enrollment configuration + version?: number; + // The list of group assignments for the device configuration profile + assignments?: NullableOption; } -export interface UserExperienceAnalyticsAppHealthDeviceModelPerformance extends Entity { - /** - * The number of active devices for the model. Valid values 0 to 2147483647. Supports: $filter, $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 - */ - activeDeviceCount?: number; - // The manufacturer name of the device. Supports: $select, $OrderBy. Read-only. - deviceManufacturer?: NullableOption; - // The model name of the device. Supports: $select, $OrderBy. Read-only. - deviceModel?: NullableOption; +export interface DeviceEnrollmentLimitConfiguration extends DeviceEnrollmentConfiguration { + // The maximum number of devices that a user can enroll + limit?: number; +} +export interface DeviceEnrollmentNotificationConfiguration extends DeviceEnrollmentConfiguration { /** - * The health state of the user experience analytics model. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals. Unknown by default. Supports: $filter, $select, $OrderBy. Read-only. Possible values are: - * unknown, insufficientData, needsAttention, meetingGoals, unknownFutureValue. + * Branding Options for the Enrollment Notification. Possible values are: none, includeCompanyLogo, includeCompanyName, + * includeContactInformation, includeCompanyPortalLink, includeDeviceDetails, unknownFutureValue. */ - healthStatus?: UserExperienceAnalyticsHealthState; + brandingOptions?: EnrollmentNotificationBrandingOptions; + // DefaultLocale for the Enrollment Notification + defaultLocale?: NullableOption; + // Notification Message Template Id + notificationMessageTemplateId?: string; + // The list of notification data - + notificationTemplates?: NullableOption; /** - * The mean time to failure for the application in minutes. Valid values 0 to 2147483647. Supports: $filter, $select, - * $OrderBy. Read-only. Valid values -2147483648 to 2147483647 + * Platform type of the Enrollment Notification. Possible values are: allPlatforms, ios, windows, windowsPhone, android, + * androidForWork, mac, linux, unknownFutureValue. */ - meanTimeToFailureInMinutes?: number; + platformType?: EnrollmentRestrictionPlatformType; + // Template type of the Enrollment Notification. Possible values are: email, push, unknownFutureValue. + templateType?: EnrollmentNotificationTemplateType; +} +export interface DeviceEnrollmentPlatformRestrictionConfiguration extends DeviceEnrollmentConfiguration { + // Restrictions based on platform, platform operating system version, and device ownership + platformRestriction?: NullableOption; /** - * The application health score of the device model. Valid values 0 to 100. Supports: $filter, $select, $OrderBy. - * Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Type of platform for which this restriction applies. Possible values are: allPlatforms, ios, windows, windowsPhone, + * android, androidForWork, mac, linux, unknownFutureValue. */ - modelAppHealthScore?: number; + platformType?: EnrollmentRestrictionPlatformType; } -export interface UserExperienceAnalyticsAppHealthDevicePerformance extends Entity { +export interface DeviceEnrollmentPlatformRestrictionsConfiguration extends DeviceEnrollmentConfiguration { + // Android for work restrictions based on platform, platform operating system version, and device ownership + androidForWorkRestriction?: NullableOption; + // Android restrictions based on platform, platform operating system version, and device ownership + androidRestriction?: NullableOption; + // Ios restrictions based on platform, platform operating system version, and device ownership + iosRestriction?: NullableOption; + // Mac restrictions based on platform, platform operating system version, and device ownership + macOSRestriction?: NullableOption; + // Mac restrictions based on platform, platform operating system version, and device ownership + macRestriction?: NullableOption; + // Windows Home Sku restrictions based on platform, platform operating system version, and device ownership + windowsHomeSkuRestriction?: NullableOption; + // Windows mobile restrictions based on platform, platform operating system version, and device ownership + windowsMobileRestriction?: NullableOption; + // Windows restrictions based on platform, platform operating system version, and device ownership + windowsRestriction?: NullableOption; +} +export interface DeviceEnrollmentWindowsHelloForBusinessConfiguration extends DeviceEnrollmentConfiguration { /** - * The number of application crashes for the device. Valid values 0 to 2147483647. Supports: $filter, $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * Controls the ability to use the anti-spoofing features for facial recognition on devices which support it. If set to + * disabled, anti-spoofing features are not allowed. If set to Not Configured, the user can choose whether they want to + * use anti-spoofing. Possible values are: notConfigured, enabled, disabled. */ - appCrashCount?: number; + enhancedBiometricsState?: Enablement; + // Setting to configure Enhanced sign-in security. Default is Not Configured + enhancedSignInSecurity?: number; /** - * The number of application hangs for the device. Valid values 0 to 2147483647. Supports: $select, $OrderBy. Read-only. - * Valid values -2147483648 to 2147483647 + * Controls the period of time (in days) that a PIN can be used before the system requires the user to change it. This + * must be set between 0 and 730, inclusive. If set to 0, the user's PIN will never expire */ - appHangCount?: number; + pinExpirationInDays?: number; /** - * The number of distinct application crashes for the device. Valid values 0 to 2147483647. Supports: $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * Controls the ability to use lowercase letters in the Windows Hello for Business PIN. Allowed permits the use of + * lowercase letter(s), whereas Required ensures they are present. If set to Not Allowed, lowercase letters will not be + * permitted. Possible values are: allowed, required, disallowed. */ - crashedAppCount?: number; + pinLowercaseCharactersUsage?: WindowsHelloForBusinessPinUsage; /** - * The application health score of the device. Valid values 0 to 100. Supports: $filter, $select, $OrderBy. Read-only. - * Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Controls the maximum number of characters allowed for the Windows Hello for Business PIN. This value must be between 4 + * and 127, inclusive. This value must be greater than or equal to the value set for the minimum PIN. */ - deviceAppHealthScore?: number; - // The name of the device. Supports: $select, $OrderBy. Read-only. - deviceDisplayName?: NullableOption; - // The Intune device id of the device. Supports: $select, $OrderBy. Read-only. - deviceId?: NullableOption; - // The manufacturer name of the device. Supports: $select, $OrderBy. Read-only. - deviceManufacturer?: NullableOption; - // The model name of the device. Supports: $select, $OrderBy. Read-only. - deviceModel?: NullableOption; + pinMaximumLength?: number; /** - * The health state of the user experience analytics device. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals. Unknown by default. Supports: $filter, $select, $OrderBy. Read-only. Possible values are: - * unknown, insufficientData, needsAttention, meetingGoals, unknownFutureValue. + * Controls the minimum number of characters required for the Windows Hello for Business PIN. This value must be between 4 + * and 127, inclusive, and less than or equal to the value set for the maximum PIN. */ - healthStatus?: UserExperienceAnalyticsHealthState; + pinMinimumLength?: number; /** - * The mean time to failure for the application in minutes. Valid values 0 to 2147483647. Supports: $filter, $select, - * $OrderBy. Read-only. Valid values -2147483648 to 2147483647 + * Controls the ability to prevent users from using past PINs. This must be set between 0 and 50, inclusive, and the + * current PIN of the user is included in that count. If set to 0, previous PINs are not stored. PIN history is not + * preserved through a PIN reset. */ - meanTimeToFailureInMinutes?: number; + pinPreviousBlockCount?: number; /** - * The date and time when the statistics were last computed. The value cannot be modified and is automatically populated - * when the statistics are computed. The Timestamp type represents date and time information using ISO 8601 format and is - * always in UTC time. For example, midnight UTC on Jan 1, 2022 would look like this: '2022-01-01T00:00:00Z'. Returned by - * default. Read-only. + * Controls the ability to use special characters in the Windows Hello for Business PIN. Allowed permits the use of + * special character(s), whereas Required ensures they are present. If set to Not Allowed, special character(s) will not + * be permitted. Possible values are: allowed, required, disallowed. */ - processedDateTime?: string; -} -export interface UserExperienceAnalyticsAppHealthDevicePerformanceDetails extends Entity { + pinSpecialCharactersUsage?: WindowsHelloForBusinessPinUsage; /** - * The friendly name of the application for which the event occurred. Possible values are: outlook.exe, excel.exe. - * Supports: $select, $OrderBy. Read-only. + * Controls the ability to use uppercase letters in the Windows Hello for Business PIN. Allowed permits the use of + * uppercase letter(s), whereas Required ensures they are present. If set to Not Allowed, uppercase letters will not be + * permitted. Possible values are: allowed, required, disallowed. */ - appDisplayName?: NullableOption; - // The publisher of the application. Supports: $select, $OrderBy. Read-only. - appPublisher?: NullableOption; - // The version of the application. Possible values are: 1.0.0.1, 75.65.23.9. Supports: $select, $OrderBy. Read-only. - appVersion?: NullableOption; - // The name of the device. Supports: $select, $OrderBy. Read-only. - deviceDisplayName?: NullableOption; - // The Intune device id of the device. Supports: $select, $OrderBy. Read-only. - deviceId?: NullableOption; + pinUppercaseCharactersUsage?: WindowsHelloForBusinessPinUsage; /** - * The time the event occurred. The value cannot be modified and is automatically populated when the statistics are - * computed. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For - * example, midnight UTC on Jan 1, 2022 would look like this: '2022-01-01T00:00:00Z'. Returned by default. Read-only. + * Controls the use of Remote Windows Hello for Business. Remote Windows Hello for Business provides the ability for a + * portable, registered device to be usable as a companion for desktop authentication. The desktop must be Azure AD joined + * and the companion device must have a Windows Hello for Business PIN. */ - eventDateTime?: string; - // The type of the event. Supports: $select, $OrderBy. Read-only. - eventType?: NullableOption; -} -export interface UserExperienceAnalyticsAppHealthOSVersionPerformance extends Entity { + remotePassportEnabled?: boolean; /** - * The number of active devices for the OS version. Valid values 0 to 2147483647. Supports: $filter, $select, $OrderBy. - * Read-only. Valid values -2147483648 to 2147483647 + * Controls whether to require a Trusted Platform Module (TPM) for provisioning Windows Hello for Business. A TPM provides + * an additional security benefit in that data stored on it cannot be used on other devices. If set to False, all devices + * can provision Windows Hello for Business even if there is not a usable TPM. */ - activeDeviceCount?: number; + securityDeviceRequired?: boolean; /** - * The mean time to failure for the application in minutes. Valid values 0 to 2147483647. Supports: $filter, $select, - * $OrderBy. Read-only. Valid values -2147483648 to 2147483647 + * Security key for Sign In provides the capacity for remotely turning ON/OFF Windows Hello Sercurity Keyl Not configured + * will honor configurations done on the clinet. Possible values are: notConfigured, enabled, disabled. */ - meanTimeToFailureInMinutes?: number; - // The OS build number installed on the device. Supports: $select, $OrderBy. Read-only. - osBuildNumber?: NullableOption; - // The OS version installed on the device. Supports: $select, $OrderBy. Read-only. - osVersion?: NullableOption; + securityKeyForSignIn?: Enablement; /** - * The application health score of the OS version. Valid values 0 to 100. Supports: $filter, $select, $OrderBy. Read-only. - * Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Controls whether to allow the device to be configured for Windows Hello for Business. If set to disabled, the user + * cannot provision Windows Hello for Business except on Azure Active Directory joined mobile phones if otherwise + * required. If set to Not Configured, Intune will not override client defaults. Possible values are: notConfigured, + * enabled, disabled. */ - osVersionAppHealthScore?: number; -} -export interface UserExperienceAnalyticsCategory extends Entity { - // The insights for the category. Read-only. - insights?: NullableOption; - // The metric values for the user experience analytics category. Read-only. - metricValues?: NullableOption; -} -export interface UserExperienceAnalyticsBaseline extends Entity { + state?: Enablement; /** - * The date the custom baseline was created. The value cannot be modified and is automatically populated when the baseline - * is created. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. - * For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Returned by default. + * Controls the use of biometric gestures, such as face and fingerprint, as an alternative to the Windows Hello for + * Business PIN. If set to False, biometric gestures are not allowed. Users must still configure a PIN as a backup in case + * of failures. */ + unlockWithBiometricsEnabled?: boolean; +} +export interface DeviceHealthScript extends Entity { + // The timestamp of when the device health script was created. This property is read-only. createdDateTime?: string; - // The name of the baseline. + // Description of the device health script + description?: NullableOption; + // The entire content of the detection powershell script + detectionScriptContent?: NullableOption; + // List of ComplexType DetectionScriptParameters objects. + detectionScriptParameters?: NullableOption; + // DeviceHealthScriptType for the script policy. Possible values are: deviceHealthScript, managedInstallerScript. + deviceHealthScriptType?: DeviceHealthScriptType; + // Name of the device health script displayName?: NullableOption; - /** - * When TRUE, indicates the current baseline is the commercial median baseline. When FALSE, indicates it is a custom - * baseline. FALSE by default. - */ - isBuiltIn?: boolean; - // The scores and insights for the application health metrics. - appHealthMetrics?: NullableOption; - // The scores and insights for the battery health metrics. - batteryHealthMetrics?: NullableOption; - // The scores and insights for the best practices metrics. - bestPracticesMetrics?: NullableOption; - // The scores and insights for the device boot performance metrics. - deviceBootPerformanceMetrics?: NullableOption; - // The scores and insights for the reboot analytics metrics. - rebootAnalyticsMetrics?: NullableOption; - // The scores and insights for the resource performance metrics. - resourcePerformanceMetrics?: NullableOption; - // The scores and insights for the work from anywhere metrics. - workFromAnywhereMetrics?: NullableOption; + // Indicate whether the script signature needs be checked + enforceSignatureCheck?: boolean; + // Highest available version for a Microsoft Proprietary script + highestAvailableVersion?: NullableOption; + // Determines if this is Microsoft Proprietary Script. Proprietary scripts are read-only + isGlobalScript?: boolean; + // The timestamp of when the device health script was modified. This property is read-only. + lastModifiedDateTime?: string; + // Name of the device health script publisher + publisher?: NullableOption; + // The entire content of the remediation powershell script + remediationScriptContent?: NullableOption; + // List of ComplexType RemediationScriptParameters objects. + remediationScriptParameters?: NullableOption; + // List of Scope Tag IDs for the device health script + roleScopeTagIds?: NullableOption; + // Indicate whether PowerShell script(s) should run as 32-bit + runAs32Bit?: boolean; + // Indicates the type of execution context. Possible values are: system, user. + runAsAccount?: RunAsAccountType; + // Version of the device health script + version?: NullableOption; + // The list of group assignments for the device health script + assignments?: NullableOption; + // List of run states for the device health script across all devices + deviceRunStates?: NullableOption; + // High level run summary for device health script. + runSummary?: NullableOption; } -export interface UserExperienceAnalyticsBatteryHealthAppImpact extends Entity { - // Number of active devices for using that app over a 14-day period. Valid values 0 to 2147483647 - activeDevices?: number; - // User friendly display name for the app. Eg: Outlook - appDisplayName?: NullableOption; - // App name. Eg: oltk.exe - appName?: NullableOption; - // App publisher. Eg: Microsoft Corporation - appPublisher?: NullableOption; +export interface DeviceHealthScriptAssignment extends Entity { + // Determine whether we want to run detection script only or run both detection script and remediation script + runRemediationScript?: boolean; + // Script run schedule for the target group + runSchedule?: NullableOption; + // The Azure Active Directory group we are targeting the script to + target?: NullableOption; +} +export interface DeviceHealthScriptDeviceState extends Entity { + // A list of the assignment filter ids used for health script applicability evaluation + assignmentFilterIds?: NullableOption; /** - * The percent of total battery power used by this application when the device was not plugged into AC power, over 14 days - * computed across all devices in the tenant. Unit in percentage. Valid values 0 to 1.79769313486232E+308 + * Detection state from the lastest device health script execution. Possible values are: unknown, success, fail, + * scriptError, pending, notApplicable. */ - batteryUsagePercentage?: number; - // true if the user had active interaction with the app. - isForegroundApp?: boolean; -} -export interface UserExperienceAnalyticsBatteryHealthCapacityDetails extends Entity { - // Number of active devices within the tenant. Valid values 0 to 2147483647 - activeDevices?: number; - // Number of devices whose battery maximum capacity is greater than 50% but lesser than 80%. Valid values 0 to 2147483647 - batteryCapacityFair?: number; - // Number of devices whose battery maximum capacity is greater than 80%. Valid values 0 to 2147483647 - batteryCapacityGood?: number; - // Number of devices whose battery maximum capacity is lesser than 50%. Valid values 0 to 2147483647 - batteryCapacityPoor?: number; - // Recorded date time of this capacity details instance. - lastRefreshedDateTime?: string; -} -export interface UserExperienceAnalyticsBatteryHealthDeviceAppImpact extends Entity { - // User friendly display name for the app. Eg: Outlook - appDisplayName?: NullableOption; - // App name. Eg: oltk.exe - appName?: NullableOption; - // App publisher. Eg: Microsoft Corporation - appPublisher?: NullableOption; + detectionState?: RunState; + // The next timestamp of when the device health script is expected to execute + expectedStateUpdateDateTime?: NullableOption; + // The last timestamp of when the device health script executed + lastStateUpdateDateTime?: string; + // The last time that Intune Managment Extension synced with Intune + lastSyncDateTime?: string; + // Error from the detection script after remediation + postRemediationDetectionScriptError?: NullableOption; + // Detection script output after remediation + postRemediationDetectionScriptOutput?: NullableOption; + // Error from the detection script before remediation + preRemediationDetectionScriptError?: NullableOption; + // Output of the detection script before remediation + preRemediationDetectionScriptOutput?: NullableOption; + // Error output of the remediation script + remediationScriptError?: NullableOption; /** - * The percent of total battery power used by this application when the device was not plugged into AC power, over 14 - * days. Unit in percentage. Valid values 0 to 1.79769313486232E+308 + * Remediation state from the lastest device health script execution. Possible values are: unknown, skipped, success, + * remediationFailed, scriptError, unknownFutureValue. */ - batteryUsagePercentage?: number; - // The unique identifier of the device, Intune DeviceID or SCCM device id. - deviceId?: NullableOption; - // true if the user had active interaction with the app. - isForegroundApp?: boolean; + remediationState?: RemediationState; + // The managed device on which the device health script executed + managedDevice?: NullableOption; } -export interface UserExperienceAnalyticsBatteryHealthDevicePerformance extends Entity { - // Estimated battery age. Unit in days. Valid values 0 to 2147483647 - batteryAgeInDays?: number; - // Properties (maxCapacity and cycleCount) related to all batteries of the device. - deviceBatteriesDetails?: NullableOption; - // Number of batteries in a user device. Valid values 1 to 2147483647 - deviceBatteryCount?: number; +export interface DeviceHealthScriptPolicyState { + // A list of the assignment filter ids used for health script applicability evaluation + assignmentFilterIds?: NullableOption; /** - * A weighted average of a device’s maximum capacity score and runtime estimate score. Values range from 0-100. Valid - * values 0 to 2147483647 + * Detection state from the lastest device health script execution. Possible values are: unknown, success, fail, + * scriptError, pending, notApplicable. */ - deviceBatteryHealthScore?: number; - // The unique identifier of the device, Intune DeviceID. - deviceId?: NullableOption; - // Device friendly name. + detectionState?: RunState; + // The Intune device Id + deviceId?: string; + // Display name of the device deviceName?: NullableOption; - // The estimated runtime of the device when the battery is fully charged. Unit in minutes. Valid values 0 to 2147483647 - estimatedRuntimeInMinutes?: number; - /** - * Number of times the battery has been discharged an amount that equals 100% of its capacity, but not necessarily by - * discharging it from 100% to 0%. Valid values 0 to 2147483647 - */ - fullBatteryDrainCount?: number; - /** - * The overall battery health status of the device. Possible values are: unknown, insufficientData, needsAttention, - * meetingGoals, unknownFutureValue. - */ - healthStatus?: UserExperienceAnalyticsHealthState; - // The manufacturer name of the device. - manufacturer?: NullableOption; + // The next timestamp of when the device health script is expected to execute + expectedStateUpdateDateTime?: NullableOption; + // Key of the device health script policy state is a concatenation of the MT sideCar policy Id and Intune device Id + id?: string; + // The last timestamp of when the device health script executed + lastStateUpdateDateTime?: string; + // The last time that Intune Managment Extension synced with Intune + lastSyncDateTime?: string; + // Value of the OS Version in string + osVersion?: NullableOption; + // The MT sideCar policy Id + policyId?: string; + // Display name of the device health script + policyName?: NullableOption; + // Error from the detection script after remediation + postRemediationDetectionScriptError?: NullableOption; + // Detection script output after remediation + postRemediationDetectionScriptOutput?: NullableOption; + // Error from the detection script before remediation + preRemediationDetectionScriptError?: NullableOption; + // Output of the detection script before remediation + preRemediationDetectionScriptOutput?: NullableOption; + // Error output of the remediation script + remediationScriptError?: NullableOption; /** - * Ratio of current capacity and design capacity of the battery with the lowest capacity. Unit in percentage and values - * range from 0-100. Valid values 0 to 2147483647 + * Remediation state from the lastest device health script execution. Possible values are: unknown, skipped, success, + * remediationFailed, scriptError, unknownFutureValue. */ - maxCapacityPercentage?: number; - // The model name of the device. - model?: NullableOption; + remediationState?: RemediationState; + // Name of the user whom ran the device health script + userName?: NullableOption; } -export interface UserExperienceAnalyticsBatteryHealthDeviceRuntimeHistory extends Entity { - // The unique identifier of the device, Intune DeviceID or SCCM device id. - deviceId?: NullableOption; - // The estimated runtime of the device when the battery is fully charged. Unit in minutes. Valid values 0 to 2147483647 - estimatedRuntimeInMinutes?: number; - // The datetime for the instance of runtime history. - runtimeDateTime?: NullableOption; +export interface DeviceHealthScriptRunSummary extends Entity { + // Number of devices on which the detection script execution encountered an error and did not complete + detectionScriptErrorDeviceCount?: number; + // Number of devices for which the detection script was not applicable + detectionScriptNotApplicableDeviceCount?: number; + // Number of devices which have not yet run the latest version of the device health script + detectionScriptPendingDeviceCount?: number; + // Number of devices for which the detection script found an issue + issueDetectedDeviceCount?: number; + // Number of devices that were remediated over the last 30 days + issueRemediatedCumulativeDeviceCount?: number; + // Number of devices for which the remediation script was able to resolve the detected issue + issueRemediatedDeviceCount?: number; + // Number of devices for which the remediation script executed successfully but failed to resolve the detected issue + issueReoccurredDeviceCount?: number; + // Last run time for the script across all devices + lastScriptRunDateTime?: NullableOption; + // Number of devices for which the detection script did not find an issue and the device is healthy + noIssueDetectedDeviceCount?: number; + // Number of devices for which the remediation script execution encountered an error and did not complete + remediationScriptErrorDeviceCount?: number; + // Number of devices for which remediation was skipped + remediationSkippedDeviceCount?: number; } -export interface UserExperienceAnalyticsBatteryHealthModelPerformance extends Entity { - // Number of active devices for that model. Valid values 0 to 2147483647 - activeDevices?: number; - // The mean of the battery age for all devices of a given model in a tenant. Unit in days. Valid values 0 to 2147483647 - averageBatteryAgeInDays?: number; +export interface DeviceInstallState extends Entity { + // Device Id. + deviceId?: NullableOption; + // Device name. + deviceName?: NullableOption; + // The error code for install failures. + errorCode?: NullableOption; /** - * The mean of the estimated runtimes on full charge for all devices of a given model. Unit in minutes. Valid values 0 to - * 2147483647 + * The install state of the eBook. Possible values are: notApplicable, installed, failed, notInstalled, uninstallFailed, + * unknown. */ - averageEstimatedRuntimeInMinutes?: number; + installState?: InstallState; + // Last sync date and time. + lastSyncDateTime?: string; + // OS Description. + osDescription?: NullableOption; + // OS Version. + osVersion?: NullableOption; + // Device User Name. + userName?: NullableOption; +} +export interface DeviceLocalCredentialInfo extends Entity { + // The credentials of the device's local administrator account backed up to Azure Active Directory. + credentials?: DeviceLocalCredential[]; + // Display name of the device that the local credentials are associated with. + deviceName?: string; + // When the local administrator account credential was backed up to Microsoft Entra ID. + lastBackupDateTime?: string; + // When the local administrator account credential will be refreshed and backed up to Microsoft Entra ID. + refreshDateTime?: string; +} +export interface DeviceLogCollectionResponse extends Entity { + // The User Principal Name (UPN) of the user that enrolled the device. + enrolledByUser?: NullableOption; + // The error code, if any. Valid values -9.22337203685478E+18 to 9.22337203685478E+18 + errorCode?: number; + // The DateTime of the expiration of the logs. + expirationDateTimeUTC?: NullableOption; + // The UPN for who initiated the request. + initiatedByUserPrincipalName?: NullableOption; + // Indicates Intune device unique identifier. + managedDeviceId?: string; + // The DateTime the request was received. + receivedDateTimeUTC?: NullableOption; + // The DateTime of the request. + requestedDateTimeUTC?: NullableOption; + // The size of the logs. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + size?: number; + // The size of the logs in KB. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + sizeInKB?: number; /** - * The mean of the maximum capacity for all devices of a given model. Maximum capacity measures the full charge vs. design - * capacity for a device’s batteries.. Valid values 0 to 2147483647 + * Indicates the status for the app log collection request if it is pending, completed or failed, Default is pending. + * Possible values are: pending, completed, failed, unknownFutureValue. */ - averageMaxCapacityPercentage?: number; - // Name of the device manufacturer. - manufacturer?: NullableOption; + status?: AppLogUploadState; +} +export interface DeviceManagement extends Entity { + // The date & time when tenant data moved between scaleunits. + accountMoveCompletionDateTime?: string; + // Admin consent information. + adminConsent?: NullableOption; + // The list of connector status for the tenant. + connectorStatus?: NullableOption; + // A configuration entity for MEM features that utilize Data Processor Service for Windows (DPSW) data. + dataProcessorServiceForWindowsFeaturesOnboarding?: NullableOption; + // The last requested time of device compliance reporting for this account. This property is read-only. + deviceComplianceReportSummarizationDateTime?: string; + // Device protection overview. + deviceProtectionOverview?: NullableOption; + // Intune Account ID for given tenant + intuneAccountId?: string; /** - * The mean of number of times the battery has been discharged an amount that equals 100% of its capacity for all devices - * of a given model in a tenant. Valid values 0 to 2147483647 + * intuneBrand contains data which is used in customizing the appearance of the Company Portal applications as well as the + * end user web portal. */ - meanFullBatteryDrainCount?: number; + intuneBrand?: NullableOption; + // The last modified time of reporting for this account. This property is read-only. + lastReportAggregationDateTime?: string; + // The property to enable Non-MDM managed legacy PC management for this account. This property is read-only. + legacyPcManangementEnabled?: boolean; + // Device cleanup rule + managedDeviceCleanupSettings?: NullableOption; + // Maximum number of DEP tokens allowed per-tenant. + maximumDepTokens?: number; + // Account level settings. + settings?: NullableOption; + // Tenant's Subscription. Possible values are: none, intune, office365, intunePremium, intuneEDU, intuneSMB. + subscriptions?: DeviceManagementSubscriptions; /** - * The median of the estimated runtimes on full charge for all devices of a given model. Unit in minutes. Valid values 0 - * to 2147483647 + * Tenant mobile device management subscription state. Possible values are: pending, active, warning, disabled, deleted, + * blocked, lockedOut. */ - medianEstimatedRuntimeInMinutes?: number; + subscriptionState?: DeviceManagementSubscriptionState; /** - * The median of number of times the battery has been discharged an amount that equals 100% of its capacity for all - * devices of a given model in a tenant. Valid values 0 to 2147483647 + * When enabled, users assigned as administrators via Role Assignment Memberships do not require an assigned Intune + * license. Prior to this, only Intune licensed users were granted permissions with an Intune role unless they were + * assigned a role via Azure Active Directory. You are limited to 350 unlicensed direct members for each AAD security + * group in a role assignment, but you can assign multiple AAD security groups to a role if you need to support more than + * 350 unlicensed administrators. Licensed administrators are unaffected, do not have to be direct members, nor does the + * 350 member limit apply. This property is read-only. */ - medianFullBatteryDrainCount?: number; + unlicensedAdminstratorsEnabled?: boolean; /** - * The median of the maximum capacity for all devices of a given model. Maximum capacity measures the full charge vs. - * design capacity for a device’s batteries.. Valid values 0 to 2147483647 + * The user experience analytics anomaly severity overview entity contains the count information for each severity of + * anomaly. */ - medianMaxCapacityPercentage?: number; - // The model name of the device. - model?: NullableOption; + userExperienceAnalyticsAnomalySeverityOverview?: NullableOption; + // User experience analytics device settings + userExperienceAnalyticsSettings?: NullableOption; + // Malware overview for windows devices. + windowsMalwareOverview?: NullableOption; + // The summary state of ATP onboarding state for this account. + advancedThreatProtectionOnboardingStateSummary?: NullableOption; + // Android device owner enrollment profile entities. + androidDeviceOwnerEnrollmentProfiles?: NullableOption; + // Android for Work app configuration schema entities. + androidForWorkAppConfigurationSchemas?: NullableOption; + // Android for Work enrollment profile entities. + androidForWorkEnrollmentProfiles?: NullableOption; + // The singleton Android for Work settings entity. + androidForWorkSettings?: NullableOption; + // The singleton Android managed store account enterprise settings entity. + androidManagedStoreAccountEnterpriseSettings?: NullableOption; + // Android Enterprise app configuration schema entities. + androidManagedStoreAppConfigurationSchemas?: NullableOption; + // Apple push notification certificate. + applePushNotificationCertificate?: NullableOption; + // Apple user initiated enrollment profiles + appleUserInitiatedEnrollmentProfiles?: NullableOption; + // The list of assignment filters + assignmentFilters?: NullableOption; + // The Audit Events + auditEvents?: NullableOption; + // The list of autopilot events for the tenant. + autopilotEvents?: NullableOption; + // The Cart To Class Associations. + cartToClassAssociations?: NullableOption; + // The available categories + categories?: NullableOption; + // Collection of certificate connector details, each associated with a corresponding Intune Certificate Connector. + certificateConnectorDetails?: NullableOption; + // Collection of ChromeOSOnboardingSettings settings associated with account. + chromeOSOnboardingSettings?: NullableOption; + // The list of CloudPC Connectivity Issue. + cloudPCConnectivityIssues?: NullableOption; + // The list of co-managed devices report + comanagedDevices?: NullableOption; + // The list of co-management eligible devices report + comanagementEligibleDevices?: NullableOption; + // List of all compliance categories + complianceCategories?: NullableOption; + // The list of Compliance Management Partners configured by the tenant. + complianceManagementPartners?: NullableOption; + // List of all compliance policies + compliancePolicies?: NullableOption; + // List of all ComplianceSettings + complianceSettings?: NullableOption; /** - * A weighted average of a model’s maximum capacity score and runtime estimate score. Values range from 0-100. Valid - * values 0 to 2147483647 + * The Exchange on premises conditional access settings. On premises conditional access will require devices to be both + * enrolled and compliant for mail access */ - modelBatteryHealthScore?: number; + conditionalAccessSettings?: NullableOption; + // A list of ConfigManagerCollection + configManagerCollections?: NullableOption; + // List of all Configuration Categories + configurationCategories?: NullableOption; + // List of all Configuration policies + configurationPolicies?: NullableOption; + // List of all templates + configurationPolicyTemplates?: NullableOption; + // List of all ConfigurationSettings + configurationSettings?: NullableOption; + // Data sharing consents. + dataSharingConsents?: NullableOption; + // This collections of multiple DEP tokens per-tenant. + depOnboardingSettings?: NullableOption; + // Collection of Derived credential settings associated with account. + derivedCredentials?: NullableOption; + // The list of detected apps associated with a device. + detectedApps?: NullableOption; + // The list of device categories with the tenant. + deviceCategories?: NullableOption; + // The device compliance policies. + deviceCompliancePolicies?: NullableOption; + // The device compliance state summary for this account. + deviceCompliancePolicyDeviceStateSummary?: NullableOption; + // The summary states of compliance policy settings for this account. + deviceCompliancePolicySettingStateSummaries?: NullableOption; + // The list of device compliance scripts associated with the tenant. + deviceComplianceScripts?: NullableOption; + // Summary of policies in conflict state for this account. + deviceConfigurationConflictSummary?: NullableOption; + // The device configuration device state summary for this account. + deviceConfigurationDeviceStateSummaries?: NullableOption; + // Restricted apps violations for this account. + deviceConfigurationRestrictedAppsViolations?: NullableOption; + // The device configurations. + deviceConfigurations?: NullableOption; + // Summary of all certificates for all devices. + deviceConfigurationsAllManagedDeviceCertificateStates?: NullableOption; + // The device configuration user state summary for this account. + deviceConfigurationUserStateSummaries?: NullableOption; + // The list of device custom attribute shell scripts associated with the tenant. + deviceCustomAttributeShellScripts?: NullableOption; + // The list of device enrollment configurations + deviceEnrollmentConfigurations?: NullableOption; + // The list of device health scripts associated with the tenant. + deviceHealthScripts?: NullableOption; + // The list of Device Management Partners configured by the tenant. + deviceManagementPartners?: NullableOption; + // The list of device management scripts associated with the tenant. + deviceManagementScripts?: NullableOption; + // The list of device shell scripts associated with the tenant. + deviceShellScripts?: NullableOption; + // A list of connector objects. + domainJoinConnectors?: NullableOption; + // List of elevation requests + elevationRequests?: NullableOption; + // The embedded SIM activation code pools created by this account. + embeddedSIMActivationCodePools?: NullableOption; + // The list of Exchange Connectors configured by the tenant. + exchangeConnectors?: NullableOption; + // The list of Exchange On Premisis policies configured by the tenant. + exchangeOnPremisesPolicies?: NullableOption; + // The policy which controls mobile device access to Exchange On Premises + exchangeOnPremisesPolicy?: NullableOption; + // The available group policy categories for this account. + groupPolicyCategories?: NullableOption; + // The group policy configurations created by this account. + groupPolicyConfigurations?: NullableOption; + // The available group policy definition files for this account. + groupPolicyDefinitionFiles?: NullableOption; + // The available group policy definitions for this account. + groupPolicyDefinitions?: NullableOption; + // A list of Group Policy migration reports. + groupPolicyMigrationReports?: NullableOption; + // A list of Group Policy Object files uploaded. + groupPolicyObjectFiles?: NullableOption; + // The available group policy uploaded definition files for this account. + groupPolicyUploadedDefinitionFiles?: NullableOption; + // The imported device identities. + importedDeviceIdentities?: NullableOption; + // Collection of imported Windows autopilot devices. + importedWindowsAutopilotDeviceIdentities?: NullableOption; + // The device management intents + intents?: NullableOption; + // Intune branding profiles targeted to AAD groups + intuneBrandingProfiles?: NullableOption; + // The IOS software update installation statuses for this account. + iosUpdateStatuses?: NullableOption; + // The MacOS software update account summaries for this account. + macOSSoftwareUpdateAccountSummaries?: NullableOption; + // Device cleanup rule V2 + managedDeviceCleanupRules?: NullableOption; + // Encryption report for devices in this account + managedDeviceEncryptionStates?: NullableOption; + // Device overview + managedDeviceOverview?: NullableOption; + // The list of managed devices. + managedDevices?: NullableOption; + // Collection of MicrosoftTunnelConfiguration settings associated with account. + microsoftTunnelConfigurations?: NullableOption; + // Collection of MicrosoftTunnelHealthThreshold settings associated with account. + microsoftTunnelHealthThresholds?: NullableOption; + // Collection of MicrosoftTunnelServerLogCollectionResponse settings associated with account. + microsoftTunnelServerLogCollectionResponses?: NullableOption; + // Collection of MicrosoftTunnelSite settings associated with account. + microsoftTunnelSites?: NullableOption; + // The collection property of MobileAppTroubleshootingEvent. + mobileAppTroubleshootingEvents?: NullableOption; + // The list of Mobile threat Defense connectors configured by the tenant. + mobileThreatDefenseConnectors?: NullableOption; + monitoring?: NullableOption; + // The collection of Ndes connectors for this account. + ndesConnectors?: NullableOption; + // The Notification Message Templates. + notificationMessageTemplates?: NullableOption; + // The Operation Approval Policies + operationApprovalPolicies?: NullableOption; + // The Operation Approval Requests + operationApprovalRequests?: NullableOption; + // The endpoint privilege management elevation event entity contains elevation details. + privilegeManagementElevations?: NullableOption; + // The list of device remote action audits with the tenant. + remoteActionAudits?: NullableOption; + // The remote assist partners. + remoteAssistancePartners?: NullableOption; + // The remote assistance settings singleton + remoteAssistanceSettings?: NullableOption; + // Reports singleton + reports?: NullableOption; + // Collection of resource access settings associated with account. + resourceAccessProfiles?: NullableOption; + // The Resource Operations. + resourceOperations?: NullableOption; + // List of all reusable settings that can be referred in a policy + reusablePolicySettings?: NullableOption; + // List of all reusable settings + reusableSettings?: NullableOption; + // The Role Assignments. + roleAssignments?: NullableOption; + // The Role Definitions. + roleDefinitions?: NullableOption; + // The Role Scope Tags. + roleScopeTags?: NullableOption; + // A list of ServiceNowConnections + serviceNowConnections?: NullableOption; + // The device management intent setting definitions + settingDefinitions?: NullableOption; + // The software update status summary. + softwareUpdateStatusSummary?: NullableOption; + // The telecom expense management partners. + telecomExpenseManagementPartners?: NullableOption; + // List of setting insights in a template + templateInsights?: NullableOption; + // The available templates + templates?: NullableOption; + // List of all TemplateSettings + templateSettings?: NullableOption; + // TenantAttach RBAC Enablement + tenantAttachRBAC?: NullableOption; + // The terms and conditions associated with device management of the company. + termsAndConditions?: NullableOption; + // The list of troubleshooting events for the tenant. + troubleshootingEvents?: NullableOption; + // The user experience analytics anomaly entity contains anomaly details. + userExperienceAnalyticsAnomaly?: NullableOption; /** - * The overall battery health status of a given model in a tenant. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals, unknownFutureValue. + * The user experience analytics anomaly correlation group overview entity contains the information for each correlation + * group of an anomaly. */ - modelHealthStatus?: UserExperienceAnalyticsHealthState; -} -export interface UserExperienceAnalyticsBatteryHealthOsPerformance extends Entity { - // Number of active devices for that os version. Valid values 0 to 2147483647 - activeDevices?: number; + userExperienceAnalyticsAnomalyCorrelationGroupOverview?: NullableOption; + // The user experience analytics anomaly entity contains device details. + userExperienceAnalyticsAnomalyDevice?: NullableOption; + // User experience analytics appHealth Application Performance + userExperienceAnalyticsAppHealthApplicationPerformance?: NullableOption; + // User experience analytics appHealth Application Performance by App Version + userExperienceAnalyticsAppHealthApplicationPerformanceByAppVersion?: NullableOption; + // User experience analytics appHealth Application Performance by App Version details + userExperienceAnalyticsAppHealthApplicationPerformanceByAppVersionDetails?: NullableOption; + // User experience analytics appHealth Application Performance by App Version Device Id + userExperienceAnalyticsAppHealthApplicationPerformanceByAppVersionDeviceId?: NullableOption; + // User experience analytics appHealth Application Performance by OS Version + userExperienceAnalyticsAppHealthApplicationPerformanceByOSVersion?: NullableOption; + // User experience analytics appHealth Model Performance + userExperienceAnalyticsAppHealthDeviceModelPerformance?: NullableOption; + // User experience analytics appHealth Device Performance + userExperienceAnalyticsAppHealthDevicePerformance?: NullableOption; + // User experience analytics device performance details + userExperienceAnalyticsAppHealthDevicePerformanceDetails?: NullableOption; + // User experience analytics appHealth OS version Performance + userExperienceAnalyticsAppHealthOSVersionPerformance?: NullableOption; + // User experience analytics appHealth overview + userExperienceAnalyticsAppHealthOverview?: NullableOption; + // User experience analytics baselines + userExperienceAnalyticsBaselines?: NullableOption; + // User Experience Analytics Battery Health App Impact + userExperienceAnalyticsBatteryHealthAppImpact?: NullableOption; + // User Experience Analytics Battery Health Capacity Details + userExperienceAnalyticsBatteryHealthCapacityDetails?: NullableOption; + // User Experience Analytics Battery Health Device App Impact + userExperienceAnalyticsBatteryHealthDeviceAppImpact?: NullableOption; + // User Experience Analytics Battery Health Device Performance + userExperienceAnalyticsBatteryHealthDevicePerformance?: NullableOption; + // User Experience Analytics Battery Health Device Runtime History + userExperienceAnalyticsBatteryHealthDeviceRuntimeHistory?: NullableOption; + // User Experience Analytics Battery Health Model Performance + userExperienceAnalyticsBatteryHealthModelPerformance?: NullableOption; + // User Experience Analytics Battery Health Os Performance + userExperienceAnalyticsBatteryHealthOsPerformance?: NullableOption; + // User Experience Analytics Battery Health Runtime Details + userExperienceAnalyticsBatteryHealthRuntimeDetails?: NullableOption; + // User experience analytics categories + userExperienceAnalyticsCategories?: NullableOption; + // User experience analytics device metric history + userExperienceAnalyticsDeviceMetricHistory?: NullableOption; + // User experience analytics device performance + userExperienceAnalyticsDevicePerformance?: NullableOption; /** - * The mean of the battery age for all devices running a particular operating system version in a tenant. Unit in days. - * Valid values 0 to 2147483647 + * The user experience analytics device scope entity endpoint to trigger on the service to either START or STOP computing + * metrics data based on a device scope configuration. */ - averageBatteryAgeInDays?: number; + userExperienceAnalyticsDeviceScope?: NullableOption; /** - * The mean of the estimated runtimes on full charge for all devices running a particular operating system version. Unit - * in minutes. Valid values 0 to 2147483647 + * The user experience analytics device scope entity contains device scope configuration use to apply filtering on the + * endpoint analytics reports. */ - averageEstimatedRuntimeInMinutes?: number; + userExperienceAnalyticsDeviceScopes?: NullableOption; + // User experience analytics device scores + userExperienceAnalyticsDeviceScores?: NullableOption; + // User experience analytics device Startup History + userExperienceAnalyticsDeviceStartupHistory?: NullableOption; + // User experience analytics device Startup Processes + userExperienceAnalyticsDeviceStartupProcesses?: NullableOption; + // User experience analytics device Startup Process Performance + userExperienceAnalyticsDeviceStartupProcessPerformance?: NullableOption; + // User experience analytics devices without cloud identity. + userExperienceAnalyticsDevicesWithoutCloudIdentity?: NullableOption; + // The user experience analytics device events entity contains NRT device timeline event details. + userExperienceAnalyticsDeviceTimelineEvent?: NullableOption; + // User experience analytics impacting process + userExperienceAnalyticsImpactingProcess?: NullableOption; + // User experience analytics metric history + userExperienceAnalyticsMetricHistory?: NullableOption; + // User experience analytics model scores + userExperienceAnalyticsModelScores?: NullableOption; + // User experience analytics devices not Windows Autopilot ready. + userExperienceAnalyticsNotAutopilotReadyDevice?: NullableOption; + // User experience analytics overview + userExperienceAnalyticsOverview?: NullableOption; + // User experience analytics remote connection + userExperienceAnalyticsRemoteConnection?: NullableOption; + // User experience analytics resource performance + userExperienceAnalyticsResourcePerformance?: NullableOption; + // User experience analytics device Startup Score History + userExperienceAnalyticsScoreHistory?: NullableOption; + // User experience analytics work from anywhere hardware readiness metrics. + userExperienceAnalyticsWorkFromAnywhereHardwareReadinessMetric?: NullableOption; + // User experience analytics work from anywhere metrics. + userExperienceAnalyticsWorkFromAnywhereMetrics?: NullableOption; + // The user experience analytics work from anywhere model performance + userExperienceAnalyticsWorkFromAnywhereModelPerformance?: NullableOption; + // Collection of PFX certificates associated with a user. + userPfxCertificates?: NullableOption; + virtualEndpoint?: NullableOption; + // Windows auto pilot deployment profiles + windowsAutopilotDeploymentProfiles?: NullableOption; + // The Windows autopilot device identities contained collection. + windowsAutopilotDeviceIdentities?: NullableOption; + // The Windows autopilot account settings. + windowsAutopilotSettings?: NullableOption; + // A collection of windows driver update profiles + windowsDriverUpdateProfiles?: NullableOption; + // A collection of windows feature update profiles + windowsFeatureUpdateProfiles?: NullableOption; + // The windows information protection app learning summaries. + windowsInformationProtectionAppLearningSummaries?: NullableOption; + // The windows information protection network learning summaries. + windowsInformationProtectionNetworkLearningSummaries?: NullableOption; + // The list of affected malware in the tenant. + windowsMalwareInformation?: NullableOption; + // A collection of windows quality update profiles + windowsQualityUpdateProfiles?: NullableOption; + // A collection of windows update catalog items (fetaure updates item , quality updates item) + windowsUpdateCatalogItems?: NullableOption; + // The Collection of ZebraFotaArtifacts. + zebraFotaArtifacts?: NullableOption; + // The singleton ZebraFotaConnector associated with account. + zebraFotaConnector?: NullableOption; + // Collection of ZebraFotaDeployments associated with account. + zebraFotaDeployments?: NullableOption; +} +export interface DeviceManagementAbstractComplexSettingDefinition extends DeviceManagementSettingDefinition { + // List of definition IDs for all possible implementations of this abstract complex setting + implementations?: NullableOption; +} +export interface DeviceManagementAbstractComplexSettingInstance extends DeviceManagementSettingInstance { + // The definition ID for the chosen implementation of this complex setting + implementationId?: NullableOption; + // The values that make up the complex setting + value?: NullableOption; +} +export interface DeviceManagementAutopilotEvent extends Entity { + // Time spent in user ESP. + accountSetupDuration?: string; /** - * The mean of the maximum capacity for all devices running a particular operating system version. Maximum capacity - * measures the full charge vs. design capacity for a device’s batteries.. Valid values 0 to 2147483647 + * Deployment status for the enrollment status page’s account setup phase. Possible values are: unknown, success, + * inProgress, failure, successWithTimeout, notAttempted, disabled, successOnRetry. */ - averageMaxCapacityPercentage?: number; + accountSetupStatus?: WindowsAutopilotDeploymentState; + // Autopilot deployment duration including enrollment. + deploymentDuration?: string; + // Deployment end time. + deploymentEndDateTime?: string; + // Deployment start time. + deploymentStartDateTime?: string; /** - * The mean of number of times the battery has been discharged an amount that equals 100% of its capacity for all devices - * running a particular operating system version in a tenant. Valid values 0 to 2147483647 + * Deployment state like Success, Failure, InProgress, SuccessWithTimeout. Possible values are: unknown, success, + * inProgress, failure, successWithTimeout, notAttempted, disabled, successOnRetry. */ - meanFullBatteryDrainCount?: number; + deploymentState?: WindowsAutopilotDeploymentState; + // Total deployment duration from enrollment to Desktop screen. + deploymentTotalDuration?: string; + // Device id associated with the object + deviceId?: NullableOption; + // Time spent in device enrollment. + devicePreparationDuration?: string; + // Device registration date. + deviceRegisteredDateTime?: string; + // Device serial number. + deviceSerialNumber?: NullableOption; + // Time spent in device ESP. + deviceSetupDuration?: string; /** - * The median of the estimated runtimes on full charge for all devices running a particular operating system version. Unit - * in minutes. Valid values 0 to 2147483647 + * Deployment status for the enrollment status page’s device setup phase. Possible values are: unknown, success, + * inProgress, failure, successWithTimeout, notAttempted, disabled, successOnRetry. */ - medianEstimatedRuntimeInMinutes?: number; + deviceSetupStatus?: WindowsAutopilotDeploymentState; + // Enrollment failure details. + enrollmentFailureDetails?: NullableOption; + // Device enrollment start date. + enrollmentStartDateTime?: string; /** - * The median of number of times the battery has been discharged an amount that equals 100% of its capacity for all - * devices running a particular operating system version in a tenant. Valid values 0 to 2147483647 + * Enrollment state like Enrolled, Failed. Possible values are: unknown, enrolled, pendingReset, failed, notContacted, + * blocked. */ - medianFullBatteryDrainCount?: number; + enrollmentState?: EnrollmentState; /** - * The median of the maximum capacity for all devices running a particular operating system version. Maximum capacity - * measures the full charge vs. design capacity for a device’s batteries.. Valid values 0 to 2147483647 + * Enrollment type. Possible values are: unknown, azureADJoinedWithAutopilotProfile, offlineDomainJoined, + * azureADJoinedUsingDeviceAuthWithAutopilotProfile, azureADJoinedUsingDeviceAuthWithoutAutopilotProfile, + * azureADJoinedWithOfflineAutopilotProfile, azureADJoinedWithWhiteGlove, offlineDomainJoinedWithWhiteGlove, + * offlineDomainJoinedWithOfflineAutopilotProfile. */ - medianMaxCapacityPercentage?: number; + enrollmentType?: WindowsAutopilotEnrollmentType; + // Time when the event occurred . + eventDateTime?: string; + // Managed device name. + managedDeviceName?: NullableOption; + // Device operating system version. + osVersion?: NullableOption; + // Count of applications targeted. + targetedAppCount?: number; + // Count of policies targeted. + targetedPolicyCount?: number; + // User principal name used to enroll the device. + userPrincipalName?: NullableOption; + // Enrollment Status Page profile name + windows10EnrollmentCompletionPageConfigurationDisplayName?: NullableOption; + // Enrollment Status Page profile ID + windows10EnrollmentCompletionPageConfigurationId?: NullableOption; + // Autopilot profile name. + windowsAutopilotDeploymentProfileDisplayName?: NullableOption; + // Policy and application status details for this device. + policyStatusDetails?: NullableOption; +} +export interface DeviceManagementAutopilotPolicyStatusDetail extends Entity { /** - * A weighted average of battery health score across all devices running a particular operating system version. Values - * range from 0-100. Valid values 0 to 2147483647 + * The policy compliance or enforcement status. Enforcement status takes precedence if it exists. Possible values are: + * unknown, compliant, installed, notCompliant, notInstalled, error. */ - osBatteryHealthScore?: number; - // Build number of the operating system. - osBuildNumber?: NullableOption; + complianceStatus?: DeviceManagementAutopilotPolicyComplianceStatus; + // The friendly name of the policy. + displayName?: NullableOption; /** - * The overall battery health status of a given os version in a tenant. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals, unknownFutureValue. + * The errorode associated with the compliance or enforcement status of the policy. Error code for enforcement status + * takes precedence if it exists. */ - osHealthStatus?: UserExperienceAnalyticsHealthState; - // Version of the operating system. - osVersion?: NullableOption; + errorCode?: number; + // Timestamp of the reported policy status + lastReportedDateTime?: string; + // The type of policy. Possible values are: unknown, application, appModel, configurationPolicy. + policyType?: DeviceManagementAutopilotPolicyType; + // Indicates if this policy was tracked as part of the autopilot bootstrap enrollment sync session + trackedOnEnrollmentStatus?: boolean; } -export interface UserExperienceAnalyticsBatteryHealthRuntimeDetails extends Entity { - // Number of active devices within the tenant. Valid values 0 to 2147483647 - activeDevices?: number; - // Number of devices whose active runtime is greater than 3 hours but lesser than 5 hours. Valid values 0 to 2147483647 - batteryRuntimeFair?: number; - // Number of devices whose active runtime is greater than 5 hours. Valid values 0 to 2147483647 - batteryRuntimeGood?: number; - // Number of devices whose active runtime is lesser than 3 hours. Valid values 0 to 2147483647 - batteryRuntimePoor?: number; - // Recorded date time of this runtime details instance. - lastRefreshedDateTime?: string; +export interface DeviceManagementBooleanSettingInstance extends DeviceManagementSettingInstance { + // The boolean value + value?: NullableOption; } -export interface UserExperienceAnalyticsMetricHistory extends Entity { - // The Intune device id of the device. - deviceId?: NullableOption; +export interface DeviceManagementCachedReportConfiguration extends Entity { + // Time that the cached report expires. + expirationDateTime?: string; + // Filters applied on report creation. + filter?: NullableOption; + // Time that the cached report was last refreshed. + lastRefreshDateTime?: string; + // Caller-managed metadata associated with the report. + metadata?: NullableOption; + // Ordering of columns in the report. + orderBy?: NullableOption; + // Name of the report. + reportName?: NullableOption; + // Columns selected from the report. + select?: NullableOption; + // Status of the cached report. Possible values are: unknown, notStarted, inProgress, completed, failed. + status?: DeviceManagementReportStatus; +} +export interface DeviceManagementCollectionSettingDefinition extends DeviceManagementSettingDefinition { + // The Setting Definition ID that describes what each element of the collection looks like + elementDefinitionId?: NullableOption; +} +export interface DeviceManagementCollectionSettingInstance extends DeviceManagementSettingInstance { + // The collection of values + value?: NullableOption; +} +export interface DeviceManagementComplexSettingDefinition extends DeviceManagementSettingDefinition { + // The definitions of each property of the complex setting + propertyDefinitionIds?: NullableOption; +} +export interface DeviceManagementComplexSettingInstance extends DeviceManagementSettingInstance { + // The values that make up the complex setting + value?: NullableOption; +} +export interface DeviceManagementComplianceActionItem extends Entity { /** - * The metric date time. The value cannot be modified and is automatically populated when the metric is created. The - * Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Returned by default. + * What action to take. Possible values are: noAction, notification, block, retire, wipe, removeResourceAccessProfiles, + * pushNotification, remoteLock. */ - metricDateTime?: string; - // The user experience analytics metric type. - metricType?: NullableOption; + actionType?: DeviceManagementComplianceActionType; + // Number of hours to wait till the action will be enforced. Valid values 0 to 8760 + gracePeriodHours?: number; + /** + * A list of group IDs to speicify who to CC this notification message to. This collection can contain a maximum of 100 + * elements. + */ + notificationMessageCCList?: NullableOption; + // What notification Message template to use + notificationTemplateId?: NullableOption; } -export interface UserExperienceAnalyticsDevicePerformance extends Entity { - // Average (mean) number of Blue Screens per device in the last 30 days. Valid values 0 to 9999999 - averageBlueScreens?: number; - // Average (mean) number of Restarts per device in the last 30 days. Valid values 0 to 9999999 - averageRestarts?: number; - // Number of Blue Screens in the last 30 days. Valid values 0 to 9999999 - blueScreenCount?: number; - // The user experience analytics device boot score. - bootScore?: number; - // The user experience analytics device core boot time in milliseconds. - coreBootTimeInMs?: number; - // The user experience analytics device core login time in milliseconds. - coreLoginTimeInMs?: number; - // User experience analytics summarized device count. - deviceCount?: number; - // The user experience analytics device name. - deviceName?: NullableOption; - // The user experience analytics device disk type. Possible values are: unknown, hdd, ssd, unknownFutureValue. - diskType?: DiskType; - // The user experience analytics device group policy boot time in milliseconds. - groupPolicyBootTimeInMs?: number; - // The user experience analytics device group policy login time in milliseconds. - groupPolicyLoginTimeInMs?: number; +export interface DeviceManagementCompliancePolicy extends Entity { + // Policy creation date and time. This property is read-only. + createdDateTime?: string; + // Policy creation source + creationSource?: NullableOption; + // Policy description + description?: NullableOption; + // Policy assignment status. This property is read-only. + isAssigned?: boolean; + // Policy last modification date and time. This property is read-only. + lastModifiedDateTime?: string; + // Policy name + name?: NullableOption; /** - * The health state of the user experience analytics device. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals, unknownFutureValue. + * Platforms for this policy. Possible values are: none, android, iOS, macOS, windows10X, windows10, linux, + * unknownFutureValue. */ - healthStatus?: UserExperienceAnalyticsHealthState; - // The user experience analytics device login score. - loginScore?: number; - // The user experience analytics device manufacturer. - manufacturer?: NullableOption; - // The user experience analytics device model. - model?: NullableOption; + platforms?: DeviceManagementConfigurationPlatforms; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; + // Number of settings. This property is read-only. + settingCount?: number; /** - * The user experience analytics model level startup performance score. Valid values -1.79769313486232E+308 to - * 1.79769313486232E+308 + * Technologies for this policy. Possible values are: none, mdm, windows10XManagement, configManager, + * appleRemoteManagement, microsoftSense, exchangeOnline, mobileApplicationManagement, linuxMdm, enrollment, + * endpointPrivilegeManagement, unknownFutureValue, windowsOsRecovery. */ - modelStartupPerformanceScore?: number; - // The user experience analytics device Operating System version. - operatingSystemVersion?: NullableOption; - // The user experience analytics responsive desktop time in milliseconds. - responsiveDesktopTimeInMs?: number; - // Number of Restarts in the last 30 days. Valid values 0 to 9999999 - restartCount?: number; + technologies?: DeviceManagementConfigurationTechnologies; + // Policy assignments + assignments?: NullableOption; + // The list of scheduled action for this rule + scheduledActionsForRule?: NullableOption; + // Policy settings + settings?: NullableOption; +} +export interface DeviceManagementComplianceScheduledActionForRule extends Entity { + // Name of the rule which this scheduled action applies to. + ruleName?: NullableOption; /** - * The user experience analytics device startup performance score. Valid values -1.79769313486232E+308 to - * 1.79769313486232E+308 + * The list of scheduled action configurations for this compliance policy. This collection can contain a maximum of 100 + * elements. */ - startupPerformanceScore?: number; + scheduledActionConfigurations?: NullableOption; } -export interface UserExperienceAnalyticsDeviceScope extends Entity { - // Indicates the creation date and time for the custom device scope. - createdDateTime?: string; - // The name of the user experience analytics device Scope configuration. - deviceScopeName?: NullableOption; +export interface DeviceManagementConfigurationCategory extends Entity { + // Description of the category header in policy summary. + categoryDescription?: NullableOption; + // List of child ids of the category. + childCategoryIds?: NullableOption; + // Description of the category. For example: Display + description?: NullableOption; + // Name of the category. For example: Device Lock + displayName?: NullableOption; + // Help text of the category. Give more details of the category. + helpText?: NullableOption; + // Name of the item + name?: NullableOption; + // Direct parent id of the category. If the category is the root, the parent id is same as its id. + parentCategoryId?: NullableOption; /** - * Indicates whether a device scope is enabled or disabled. When TRUE, the device scope is enabled. When FALSE, the device - * scope is disabled. Default value is FALSE. + * Platforms types, which settings in the category have. Possible values are: none. android, androidEnterprise, iOs, + * macOs, windows10X, windows10, aosp, and linux. If this property is not set, or set to none, returns categories in all + * platforms. Supports: $filters, $select. Read-only. Possible values are: none, android, iOS, macOS, windows10X, + * windows10, linux, unknownFutureValue. */ - enabled?: boolean; + platforms?: DeviceManagementConfigurationPlatforms; + // Root id of the category. + rootCategoryId?: NullableOption; /** - * Indicates whether the device scope configuration is built-in or custom. When TRUE, the device scope configuration is - * built-in. When FALSE, the device scope configuration is custom. Default value is FALSE. + * Indicates that the category contains settings that are used for compliance, configuration, or reusable settings. + * Possible values are: configuration, compliance, reusableSetting. Each setting usage has separate API end-point to call. + * Read-only. Possible values are: none, configuration, compliance, unknownFutureValue. */ - isBuiltIn?: boolean; - // Indicates the last updated date and time for the custom device scope. - lastModifiedDateTime?: string; + settingUsage?: DeviceManagementConfigurationSettingUsage; /** - * Device scope configuration query operator. Possible values are: equals, notEquals, contains, notContains, greaterThan, - * lessThan. Default value: equals. Possible values are: none, equals, unknownFutureValue. + * Technologies types, which settings in the category have. Possible values are: none, mdm, configManager, + * intuneManagementExtension, thirdParty, documentGateway, appleRemoteManagement, microsoftSense, exchangeOnline, edgeMam, + * linuxMdm, extensibility, enrollment, endpointPrivilegeManagement. If this property is not set, or set to none, returns + * categories in all platforms. Supports: $filters, $select. Read-only. Possible values are: none, mdm, + * windows10XManagement, configManager, appleRemoteManagement, microsoftSense, exchangeOnline, + * mobileApplicationManagement, linuxMdm, enrollment, endpointPrivilegeManagement, unknownFutureValue, windowsOsRecovery. */ - operator?: DeviceScopeOperator; - // The unique identifier of the person (admin) who created the device scope configuration. - ownerId?: NullableOption; + technologies?: DeviceManagementConfigurationTechnologies; +} +export interface DeviceManagementConfigurationChoiceSettingCollectionDefinition extends DeviceManagementConfigurationChoiceSettingDefinition { + // Maximum number of choices in the collection + maximumCount?: number; + // Minimum number of choices in the collection + minimumCount?: number; +} +export interface DeviceManagementConfigurationChoiceSettingDefinition extends DeviceManagementConfigurationSettingDefinition { + // Default option for the choice setting. + defaultOptionId?: NullableOption; + // Options for the setting that can be selected. + options?: NullableOption; +} +export interface DeviceManagementConfigurationPolicy extends Entity { + // Policy creation date and time + createdDateTime?: string; + // Policy creation source + creationSource?: NullableOption; + // Policy description + description?: NullableOption; + // Policy assignment status. This property is read-only. + isAssigned?: boolean; + // Policy last modification date and time + lastModifiedDateTime?: string; + // Policy name + name?: NullableOption; /** - * Device scope configuration parameter. It will be extended in future to add more parameter. Eg: device scope parameter - * can be OS version, Disk Type, Device manufacturer, device model or Scope tag. Default value: scopeTag. Possible values - * are: none, scopeTag, unknownFutureValue. + * Platforms for this policy. Possible values are: none, android, iOS, macOS, windows10X, windows10, linux, + * unknownFutureValue. */ - parameter?: DeviceScopeParameter; + platforms?: DeviceManagementConfigurationPlatforms; + // Indicates the priority of each policies that are selected by the admin during enrollment process + priorityMetaData?: NullableOption; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; + // Number of settings + settingCount?: number; /** - * Indicates the device scope status after the device scope has been enabled. Possible values are: none, computing, - * insufficientData or completed. Default value is none. Possible values are: none, computing, insufficientData, - * completed, unknownFutureValue. + * Technologies for this policy. Possible values are: none, mdm, windows10XManagement, configManager, + * appleRemoteManagement, microsoftSense, exchangeOnline, mobileApplicationManagement, linuxMdm, enrollment, + * endpointPrivilegeManagement, unknownFutureValue, windowsOsRecovery. */ - status?: DeviceScopeStatus; - // The device scope configuration query clause value. - value?: NullableOption; - // The unique identifier for a user device scope tag Id used for the creation of device scope configuration. - valueObjectId?: NullableOption; + technologies?: DeviceManagementConfigurationTechnologies; + // Template reference information + templateReference?: NullableOption; + // Policy assignments + assignments?: NullableOption; + // Policy settings + settings?: NullableOption; } -export interface UserExperienceAnalyticsDeviceScores extends Entity { +export interface DeviceManagementConfigurationPolicyAssignment extends Entity { /** - * Indicates a score calculated from application health data to indicate when a device is having problems running one or - * more applications. Valid values range from 0-100. Value -1 means associated score is unavailable. A higher score - * indicates a healthier device. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * The assignment source for the device compliance policy, direct or parcel/policySet. Possible values are: direct, + * policySets. */ - appReliabilityScore?: number; + source?: DeviceAndAppManagementAssignmentSource; + // The identifier of the source of the assignment. + sourceId?: NullableOption; + // The assignment target for the DeviceManagementConfigurationPolicy. + target?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface DeviceManagementConfigurationPolicyPolicySetItem extends PolicySetItem {} +export interface DeviceManagementConfigurationPolicyTemplate extends Entity { + // Allow unmanaged setting templates + allowUnmanagedSettings?: boolean; + // Template base identifier + baseId?: NullableOption; + // Template description + description?: NullableOption; + // Template display name + displayName?: NullableOption; + // Description of template version + displayVersion?: NullableOption; /** - * Indicates a calulated score indicating the health of the device's battery. Valid values range from 0-100. Value -1 - * means associated score is unavailable. A higher score indicates a healthier device. Read-only. Valid values - * -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicate current lifecycle state of template. Possible values are: invalid, draft, active, superseded, deprecated, + * retired. */ - batteryHealthScore?: number; - // The name of the device. Supports: $select, $OrderBy. Read-only. - deviceName?: NullableOption; + lifecycleState?: DeviceManagementTemplateLifecycleState; /** - * Indicates a weighted average of the various scores. Valid values range from 0-100. Value -1 means associated score is - * unavailable. A higher score indicates a healthier device. Read-only. Valid values -1.79769313486232E+308 to - * 1.79769313486232E+308 + * Platforms for this template. Possible values are: none, android, iOS, macOS, windows10X, windows10, linux, + * unknownFutureValue. */ - endpointAnalyticsScore?: number; + platforms?: DeviceManagementConfigurationPlatforms; + // Number of setting templates. Valid values 0 to 2147483647. This property is read-only. + settingTemplateCount?: number; /** - * The health status of the device. Possible values are: unknown, insufficientData, needsAttention, meetingGoals. Unknown - * by default. Supports: $filter, $select, $OrderBy. Read-only. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals, unknownFutureValue. + * Technologies for this template. Possible values are: none, mdm, windows10XManagement, configManager, + * appleRemoteManagement, microsoftSense, exchangeOnline, mobileApplicationManagement, linuxMdm, enrollment, + * endpointPrivilegeManagement, unknownFutureValue, windowsOsRecovery. */ - healthStatus?: UserExperienceAnalyticsHealthState; + technologies?: DeviceManagementConfigurationTechnologies; /** - * The manufacturer name of the device. Examples: Microsoft Corporation, HP, Lenovo. Supports: $select, $OrderBy. - * Read-only. + * TemplateFamily for this template. Possible values are: none, endpointSecurityAntivirus, endpointSecurityDiskEncryption, + * endpointSecurityFirewall, endpointSecurityEndpointDetectionAndResponse, endpointSecurityAttackSurfaceReduction, + * endpointSecurityAccountProtection, endpointSecurityApplicationControl, endpointSecurityEndpointPrivilegeManagement, + * enrollmentConfiguration, appQuietTime, baseline, unknownFutureValue, deviceConfigurationScripts, + * deviceConfigurationPolicies, windowsOsRecoveryPolicies, companyPortal. */ - manufacturer?: NullableOption; - // The model name of the device. Supports: $select, $OrderBy. Read-only. - model?: NullableOption; + templateFamily?: DeviceManagementConfigurationTemplateFamily; + // Template version. Valid values 1 to 2147483647. This property is read-only. + version?: number; + // Setting templates + settingTemplates?: NullableOption; +} +export interface DeviceManagementConfigurationRedirectSettingDefinition extends DeviceManagementConfigurationSettingDefinition { + // A deep link that points to the specific location in the Intune console where feature support must be managed from. + deepLink?: NullableOption; + // A message that explains that clicking the link will redirect the user to a supported page to manage the settings. + redirectMessage?: NullableOption; /** - * Indicates a weighted average of boot score and logon score used for measuring startup performance. Valid values range - * from 0-100. Value -1 means associated score is unavailable. A higher score indicates a healthier device. Read-only. - * Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicates the reason for redirecting the user to an alternative location in the console. For example: WiFi profiles are + * not supported in the settings catalog and must be created with a template policy. */ - startupPerformanceScore?: number; + redirectReason?: NullableOption; +} +export interface DeviceManagementConfigurationSetting extends Entity { + // Setting Instance + settingInstance?: DeviceManagementConfigurationSettingInstance; + // List of related Setting Definitions. This property is read-only. + settingDefinitions?: NullableOption; +} +export interface DeviceManagementConfigurationSettingDefinition extends Entity { + // Read/write access mode of the setting. Possible values are: none, add, copy, delete, get, replace, execute. + accessTypes?: DeviceManagementConfigurationSettingAccessTypes; + // Details which device setting is applicable on. Supports: $filters. + applicability?: NullableOption; + // Base CSP Path + baseUri?: NullableOption; + // Specify category in which the setting is under. Support $filters. + categoryId?: NullableOption; + // Description of the setting. + description?: NullableOption; + // Name of the setting. For example: Allow Toast. + displayName?: NullableOption; + // Help text of the setting. Give more details of the setting. + helpText?: NullableOption; + // List of links more info for the setting can be found at. + infoUrls?: NullableOption; + // Tokens which to search settings on + keywords?: NullableOption; + // Name of the item + name?: NullableOption; + // Indicates whether the setting is required or not + occurrence?: NullableOption; + // Offset CSP Path from Base + offsetUri?: NullableOption; + // List of referred setting information. + referredSettingInformationList?: NullableOption; + // Root setting definition id if the setting is a child setting. + rootDefinitionId?: NullableOption; /** - * Indicates a weighted score of the work from anywhere on a device level. Valid values range from 0-100. Value -1 means - * associated score is unavailable. A higher score indicates a healthier device. Read-only. Valid values - * -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicate setting type for the setting. Possible values are: configuration, compliance, reusableSetting. Each setting + * usage has separate API end-point to call. Possible values are: none, configuration, compliance, unknownFutureValue. */ - workFromAnywhereScore?: number; -} -export interface UserExperienceAnalyticsDeviceStartupHistory extends Entity { - // The device core boot time in milliseconds. Supports: $select, $OrderBy. Read-only. - coreBootTimeInMs?: number; - // The device core login time in milliseconds. Supports: $select, $OrderBy. Read-only. - coreLoginTimeInMs?: number; - // The Intune device id of the device. Supports: $select, $OrderBy. Read-only. - deviceId?: NullableOption; - // The impact of device feature updates on boot time in milliseconds. Supports: $select, $OrderBy. Read-only. - featureUpdateBootTimeInMs?: number; - // The impact of device group policy client on boot time in milliseconds. Supports: $select, $OrderBy. Read-only. - groupPolicyBootTimeInMs?: number; - // The impact of device group policy client on login time in milliseconds. Supports: $select, $OrderBy. Read-only. - groupPolicyLoginTimeInMs?: number; + settingUsage?: DeviceManagementConfigurationSettingUsage; /** - * When TRUE, indicates the device boot record is associated with feature updates. When FALSE, indicates the device boot - * record is not associated with feature updates. Supports: $select, $OrderBy. Read-only. + * Setting control type representation in the UX. Possible values are: default, dropdown, smallTextBox, largeTextBox, + * toggle, multiheaderGrid, contextPane. Possible values are: default, dropdown, smallTextBox, largeTextBox, toggle, + * multiheaderGrid, contextPane, unknownFutureValue. */ - isFeatureUpdate?: boolean; + uxBehavior?: DeviceManagementConfigurationControlType; + // Item Version + version?: NullableOption; /** - * When TRUE, indicates the device login is the first login after a reboot. When FALSE, indicates the device login is not - * the first login after a reboot. Supports: $select, $OrderBy. Read-only. + * Setting visibility scope to UX. Possible values are: none, settingsCatalog, template. Possible values are: none, + * settingsCatalog, template, unknownFutureValue. */ - isFirstLogin?: boolean; - // The user experience analytics device boot record's operating system version. Supports: $select, $OrderBy. Read-only. - operatingSystemVersion?: NullableOption; - // The time for desktop to become responsive during login process in milliseconds. Supports: $select, $OrderBy. Read-only. - responsiveDesktopTimeInMs?: number; + visibility?: DeviceManagementConfigurationSettingVisibility; +} +export interface DeviceManagementConfigurationSettingGroupCollectionDefinition extends DeviceManagementConfigurationSettingGroupDefinition { + // Maximum number of setting group count in the collection. Valid values 1 to 100 + maximumCount?: number; + // Minimum number of setting group count in the collection. Valid values 1 to 100 + minimumCount?: number; +} +export interface DeviceManagementConfigurationSettingGroupDefinition extends DeviceManagementConfigurationSettingDefinition { + // Dependent child settings to this group of settings. + childIds?: NullableOption; + // List of child settings that depend on this setting + dependedOnBy?: NullableOption; + // List of Dependencies for the setting group + dependentOn?: NullableOption; +} +export interface DeviceManagementConfigurationSettingTemplate extends Entity { + // Setting Instance Template + settingInstanceTemplate?: DeviceManagementConfigurationSettingInstanceTemplate; + // List of related Setting Definitions + settingDefinitions?: NullableOption; +} +export interface DeviceManagementConfigurationSimpleSettingCollectionDefinition extends DeviceManagementConfigurationSimpleSettingDefinition { + // Maximum number of simple settings in the collection. Valid values 1 to 100 + maximumCount?: number; + // Minimum number of simple settings in the collection. Valid values 1 to 100 + minimumCount?: number; +} +export interface DeviceManagementConfigurationSimpleSettingDefinition extends DeviceManagementConfigurationSettingDefinition { + // Default setting value for this setting. + defaultValue?: NullableOption; + // list of child settings that depend on this setting. + dependedOnBy?: NullableOption; + // list of parent settings this setting is dependent on. + dependentOn?: NullableOption; + // Definition of the value for this setting. + valueDefinition?: NullableOption; +} +export interface DeviceManagementDerivedCredentialSettings extends Entity { + // The display name for the profile. + displayName?: string; + // The URL that will be accessible to end users as they retrieve a derived credential using the Company Portal. + helpUrl?: NullableOption; + // The derived credential provider to use. Possible values are: intercede, entrustDatacard, purebred, xTec. + issuer?: DeviceManagementDerivedCredentialIssuer; /** - * OS restart category. Possible values are: unknown, restartWithUpdate, restartWithoutUpdate, blueScreen, - * shutdownWithUpdate, shutdownWithoutUpdate, longPowerButtonPress, bootError, update. Unknown by default. Supports: - * $select, $OrderBy. Read-only. Possible values are: unknown, restartWithUpdate, restartWithoutUpdate, blueScreen, - * shutdownWithUpdate, shutdownWithoutUpdate, longPowerButtonPress, bootError, update, unknownFutureValue. + * The methods used to inform the end user to open Company Portal to deliver Wi-Fi, VPN, or email profiles that use + * certificates to the device. Possible values are: none, companyPortal, email. */ - restartCategory?: UserExperienceAnalyticsOperatingSystemRestartCategory; + notificationType?: DeviceManagementDerivedCredentialNotificationType; + // The nominal percentage of time before certificate renewal is initiated by the client. + renewalThresholdPercentage?: number; +} +export interface DeviceManagementDomainJoinConnector extends Entity { + // The connector display name. + displayName?: NullableOption; + // Last time connector contacted Intune. + lastConnectionDateTime?: string; + // The connector state. Possible values are: active, error, inactive. + state?: DeviceManagementDomainJoinConnectorState; + // The version of the connector. + version?: string; +} +export interface DeviceManagementExchangeConnector extends Entity { + // The name of the server hosting the Exchange Connector. + connectorServerName?: NullableOption; + // An alias assigned to the Exchange server + exchangeAlias?: NullableOption; /** - * OS restart fault bucket. The fault bucket is used to find additional information about a system crash. Supports: - * $select, $OrderBy. Read-only. + * The type of Exchange Connector Configured. Possible values are: onPremises, hosted, serviceToService, dedicated, + * unknownFutureValue. */ - restartFaultBucket?: NullableOption; + exchangeConnectorType?: DeviceManagementExchangeConnectorType; + // Exchange Organization to the Exchange server + exchangeOrganization?: NullableOption; + // Last sync time for the Exchange Connector + lastSyncDateTime?: string; + // Email address used to configure the Service To Service Exchange Connector. + primarySmtpAddress?: NullableOption; + // The name of the Exchange server. + serverName?: NullableOption; + // Exchange Connector Status. Possible values are: none, connectionPending, connected, disconnected, unknownFutureValue. + status?: DeviceManagementExchangeConnectorStatus; + // The version of the ExchangeConnectorAgent + version?: NullableOption; +} +export interface DeviceManagementExchangeOnPremisesPolicy extends Entity { + // The list of device access rules in Exchange. The access rules apply globally to the entire Exchange organization + accessRules?: NullableOption; /** - * OS restart stop code. This shows the bug check code which can be used to look up the blue screen reason. Supports: - * $select, $OrderBy. Read-only. + * Default access state in Exchange. This rule applies globally to the entire Exchange organization. Possible values are: + * none, allow, block, quarantine. */ - restartStopCode?: NullableOption; + defaultAccessLevel?: DeviceManagementExchangeAccessLevel; + // The list of device classes known to Exchange + knownDeviceClasses?: NullableOption; + // Notification text that will be sent to users quarantined by this policy. This is UTF8 encoded byte array HTML. + notificationContent?: NullableOption; /** - * The device boot start time. The value cannot be modified and is automatically populated when the device performs a - * reboot. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For - * example, midnight UTC on Jan 1, 2022 would look like this: '2022-01-01T00:00:00Z'. Returned by default. Read-only. + * The Exchange on premises conditional access settings. On premises conditional access will require devices to be both + * enrolled and compliant for mail access */ - startTime?: string; - // The device total boot time in milliseconds. Supports: $select, $OrderBy. Read-only. - totalBootTimeInMs?: number; - // The device total login time in milliseconds. Supports: $select, $OrderBy. Read-only. - totalLoginTimeInMs?: number; -} -export interface UserExperienceAnalyticsDeviceStartupProcess extends Entity { - // The Intune device id of the device. Supports: $select, $OrderBy. Read-only. - managedDeviceId?: NullableOption; - // The name of the process. Examples: outlook, excel. Supports: $select, $OrderBy. Read-only. - processName?: NullableOption; - // The product name of the process. Examples: Microsoft Outlook, Microsoft Excel. Supports: $select, $OrderBy. Read-only. - productName?: NullableOption; - // The publisher of the process. Examples: Microsoft Corporation, Contoso Corp. Supports: $select, $OrderBy. Read-only. - publisher?: NullableOption; - // The impact of startup process on device boot time in milliseconds. Supports: $select, $OrderBy. Read-only. - startupImpactInMs?: number; + conditionalAccessSettings?: NullableOption; } -export interface UserExperienceAnalyticsDeviceStartupProcessPerformance extends Entity { - // The count of devices which initiated this process on startup. Supports: $filter, $select, $OrderBy. Read-only. - deviceCount?: number; +export interface DeviceManagementExportJob extends Entity { + // Time that the exported report expires. + expirationDateTime?: string; + // Filters applied on the report. The maximum length allowed for this property is 2000 characters. + filter?: NullableOption; /** - * The median impact of startup process on device boot time in milliseconds. Supports: $filter, $select, $OrderBy. - * Read-only. + * Format of the exported report. Possible values are csv and json. Possible values are: csv, pdf, json, + * unknownFutureValue. */ - medianImpactInMs?: number; - // The name of the startup process. Examples: outlook, excel. Supports: $select, $OrderBy. Read-only. - processName?: NullableOption; + format?: DeviceManagementReportFileFormat; /** - * The product name of the startup process. Examples: Microsoft Outlook, Microsoft Excel. Supports: $select, $OrderBy. - * Read-only. + * Configures how the requested export job is localized. Possible values are replaceLocalizableValues and + * localizedValuesAsAdditionalColumn. Possible values are: localizedValuesAsAdditionalColumn, replaceLocalizableValues. */ - productName?: NullableOption; + localizationType?: DeviceManagementExportJobLocalizationType; + // Name of the report. The maximum length allowed for this property is 2000 characters. + reportName?: string; + // Time that the exported report was requested. + requestDateTime?: string; + // Configures a search term to filter the data. The maximum length allowed for this property is 100 characters. + search?: NullableOption; /** - * The publisher of the startup process. Examples: Microsoft Corporation, Contoso Corp. Supports: $select, $OrderBy. - * Read-only. + * Columns selected from the report. The maximum number of allowed columns names is 256. The maximum length allowed for + * each column name in this property is 1000 characters. */ - publisher?: NullableOption; + select?: NullableOption; /** - * The total impact of startup process on device boot time in milliseconds. Supports: $filter, $select, $OrderBy. - * Read-only. + * A snapshot is an identifiable subset of the dataset represented by the ReportName. A sessionId or + * CachedReportConfiguration id can be used here. If a sessionId is specified, Filter, Select, and OrderBy are applied to + * the data represented by the sessionId. Filter, Select, and OrderBy cannot be specified together with a + * CachedReportConfiguration id. The maximum length allowed for this property is 128 characters. */ - totalImpactInMs?: number; -} -export interface UserExperienceAnalyticsDeviceWithoutCloudIdentity extends Entity { - // Azure Active Directory Device Id - azureAdDeviceId?: NullableOption; - // The tenant attach device's name. - deviceName?: NullableOption; -} -export interface UserExperienceAnalyticsDeviceTimelineEvent extends Entity { - // The id of the device where the event occurred. - deviceId?: NullableOption; - // The time the event occured. - eventDateTime?: string; - // The details provided by the event, format depends on event type. - eventDetails?: NullableOption; + snapshotId?: NullableOption; /** - * The severity level of the event enum. Possible values are: none, verbose, information, warning, error ,critical. - * Default value: none. Possible values are: none, verbose, information, warning, error, critical, unknownFutureValue. + * Status of the export job. Possible values are unknown, notStarted, inProgress, completed and failed. Possible values + * are: unknown, notStarted, inProgress, completed, failed. */ - eventLevel?: DeviceEventLevel; - // The name of the event. Examples include: BootEvent, LogonEvent, AppCrashEvent, AppHangEvent. - eventName?: NullableOption; - // The source of the event. Examples include: Intune, Sccm. - eventSource?: NullableOption; + status?: DeviceManagementReportStatus; + // Temporary location of the exported report. + url?: NullableOption; } -export interface UserExperienceAnalyticsImpactingProcess extends Entity { - // The category of impacting process. - category?: NullableOption; - // The description of process. - description?: NullableOption; - // The unique identifier of the impacted device. - deviceId?: NullableOption; - // The impact value of the process. Valid values 0 to 1.79769313486232E+308 - impactValue?: number; - // The process name. - processName?: NullableOption; - // The publisher of the process. - publisher?: NullableOption; +export interface DeviceManagementIntegerSettingInstance extends DeviceManagementSettingInstance { + // The integer value + value?: NullableOption; } -export interface UserExperienceAnalyticsModelScores extends Entity { - /** - * Indicates a score calculated from application health data to indicate when a device is having problems running one or - * more applications. Valid values range from 0-100. Value -1 means associated score is unavailable. A higher score - * indicates a healthier device. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 - */ - appReliabilityScore?: number; +export interface DeviceManagementIntent extends Entity { + // The user given description + description?: NullableOption; + // The user given display name + displayName?: string; + // Signifies whether or not the intent is assigned to users + isAssigned?: boolean; + // Signifies whether or not the intent is being migrated to the configurationPolicies endpoint + isMigratingToConfigurationPolicy?: NullableOption; + // When the intent was last modified + lastModifiedDateTime?: string; + // List of Scope Tags for this Entity instance. + roleScopeTagIds?: NullableOption; + // The ID of the template this intent was created from (if any) + templateId?: NullableOption; + // Collection of assignments + assignments?: NullableOption; + // Collection of setting categories within the intent + categories?: NullableOption; /** - * Indicates a calulated score indicating the health of the device's battery. Valid values range from 0-100. Value -1 - * means associated score is unavailable. A higher score indicates a healthier device. Read-only. Valid values - * -1.79769313486232E+308 to 1.79769313486232E+308 + * Collection of settings and their states and counts of devices that belong to corresponding state for all settings + * within the intent */ - batteryHealthScore?: number; + deviceSettingStateSummaries?: NullableOption; + // Collection of states of all devices that the intent is applied to + deviceStates?: NullableOption; /** - * Indicates a weighted average of the various scores. Valid values range from 0-100. Value -1 means associated score is - * unavailable. A higher score indicates a healthier device. Read-only. Valid values -1.79769313486232E+308 to - * 1.79769313486232E+308 + * A summary of device states and counts of devices that belong to corresponding state for all devices that the intent is + * applied to */ - endpointAnalyticsScore?: number; + deviceStateSummary?: NullableOption; + // Collection of all settings to be applied + settings?: NullableOption; + // Collection of states of all users that the intent is applied to + userStates?: NullableOption; /** - * The health status of the device. Possible values are: unknown, insufficientData, needsAttention, meetingGoals. Unknown - * by default. Supports: $filter, $select, $OrderBy. Read-only. Possible values are: unknown, insufficientData, - * needsAttention, meetingGoals, unknownFutureValue. + * A summary of user states and counts of users that belong to corresponding state for all users that the intent is + * applied to */ - healthStatus?: UserExperienceAnalyticsHealthState; + userStateSummary?: NullableOption; +} +export interface DeviceManagementIntentAssignment extends Entity { + // The assignment target + target?: NullableOption; +} +export interface DeviceManagementIntentDeviceSettingStateSummary extends Entity { + // Number of compliant devices + compliantCount?: number; + // Number of devices in conflict + conflictCount?: number; + // Number of error devices + errorCount?: number; + // Number of non compliant devices + nonCompliantCount?: number; + // Number of not applicable devices + notApplicableCount?: number; + // Number of remediated devices + remediatedCount?: number; + // Name of a setting + settingName?: NullableOption; +} +export interface DeviceManagementIntentDeviceState extends Entity { + // Device name that is being reported + deviceDisplayName?: NullableOption; + // Device id that is being reported + deviceId?: NullableOption; + // Last modified date time of an intent report + lastReportedDateTime?: string; /** - * The manufacturer name of the device. Examples: Microsoft Corporation, HP, Lenovo. Supports: $select, $OrderBy. - * Read-only. + * Device state for an intent. Possible values are: unknown, notApplicable, compliant, remediated, nonCompliant, error, + * conflict, notAssigned. */ - manufacturer?: NullableOption; - // The model name of the device. Supports: $select, $OrderBy. Read-only. - model?: NullableOption; + state?: ComplianceStatus; + // The user name that is being reported on a device + userName?: NullableOption; + // The user principal name that is being reported on a device + userPrincipalName?: NullableOption; +} +export interface DeviceManagementIntentDeviceStateSummary extends Entity { + // Number of devices in conflict + conflictCount?: number; + // Number of error devices + errorCount?: number; + // Number of failed devices + failedCount?: number; + // Number of not applicable devices + notApplicableCount?: number; + // Number of not applicable devices due to mismatch platform and policy + notApplicablePlatformCount?: number; + // Number of succeeded devices + successCount?: number; +} +export interface DeviceManagementIntentSettingCategory extends DeviceManagementSettingCategory { + // The settings this category contains + settings?: NullableOption; +} +export interface DeviceManagementIntentUserState extends Entity { + // Count of Devices that belongs to a user for an intent + deviceCount?: number; + // Last modified date time of an intent report + lastReportedDateTime?: string; /** - * Indicates unique devices count of given model in a consolidated report. Supports: $select, $OrderBy. Read-only. Valid - * values -9.22337203685478E+18 to 9.22337203685478E+18 + * User state for an intent. Possible values are: unknown, notApplicable, compliant, remediated, nonCompliant, error, + * conflict, notAssigned. */ - modelDeviceCount?: number; + state?: ComplianceStatus; + // The user name that is being reported on a device + userName?: NullableOption; + // The user principal name that is being reported on a device + userPrincipalName?: NullableOption; +} +export interface DeviceManagementIntentUserStateSummary extends Entity { + // Number of users in conflict + conflictCount?: number; + // Number of error users + errorCount?: number; + // Number of failed users + failedCount?: number; + // Number of not applicable users + notApplicableCount?: number; + // Number of succeeded users + successCount?: number; +} +export interface DeviceManagementPartner extends Entity { + // Partner display name + displayName?: NullableOption; + // User groups that specifies whether enrollment is through partner. + groupsRequiringPartnerEnrollment?: NullableOption; + // Whether device management partner is configured or not + isConfigured?: boolean; + // Timestamp of last heartbeat after admin enabled option Connect to Device management Partner + lastHeartbeatDateTime?: string; + // Partner App type. Possible values are: unknown, singleTenantApp, multiTenantApp. + partnerAppType?: DeviceManagementPartnerAppType; + // Partner state of this tenant. Possible values are: unknown, unavailable, enabled, terminated, rejected, unresponsive. + partnerState?: DeviceManagementPartnerTenantState; + // Partner Single tenant App id + singleTenantAppId?: NullableOption; + // DateTime in UTC when PartnerDevices will be marked as NonCompliant + whenPartnerDevicesWillBeMarkedAsNonCompliantDateTime?: NullableOption; + // DateTime in UTC when PartnerDevices will be removed + whenPartnerDevicesWillBeRemovedDateTime?: NullableOption; +} +export interface DeviceManagementReports extends Entity { + // Entity representing the configuration of a cached report. + cachedReportConfigurations?: NullableOption; + // Entity representing a job to export a report. + exportJobs?: NullableOption; +} +export interface DeviceManagementResourceAccessProfileAssignment extends Entity { + // The assignment intent for the resource access profile. Possible values are: apply, remove. + intent?: DeviceManagementResourceAccessProfileIntent; + // The identifier of the source of the assignment. + sourceId?: NullableOption; + // The assignment target for the resource access profile. + target?: DeviceAndAppManagementAssignmentTarget; +} +export interface DeviceManagementResourceAccessProfileBase extends Entity { + // DateTime profile was created + creationDateTime?: NullableOption; + // Profile description + description?: NullableOption; + // Profile display name + displayName?: string; + // DateTime profile was last modified + lastModifiedDateTime?: NullableOption; + // Scope Tags + roleScopeTagIds?: NullableOption; + // Version of the profile + version?: number; + // The list of assignments for the device configuration profile. + assignments?: NullableOption; +} +export interface DeviceManagementReusablePolicySetting extends Entity { + // reusable setting creation date and time. This property is read-only. + createdDateTime?: string; + // reusable setting description supplied by user. + description?: NullableOption; + // reusable setting display name supplied by user. + displayName?: string; + // date and time when reusable setting was last modified. This property is read-only. + lastModifiedDateTime?: string; /** - * Indicates a weighted average of boot score and logon score used for measuring startup performance. Valid values range - * from 0-100. Value -1 means associated score is unavailable. A higher score indicates a healthier device. Read-only. - * Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * count of configuration policies referencing the current reusable setting. Valid values 0 to 2147483647. This property + * is read-only. */ - startupPerformanceScore?: number; + referencingConfigurationPolicyCount?: number; + // setting definition id associated with this reusable setting. + settingDefinitionId?: NullableOption; + // reusable setting configuration instance + settingInstance?: NullableOption; + // version number for reusable setting. Valid values 0 to 2147483647. This property is read-only. + version?: number; + // configuration policies referencing the current reusable setting. This property is read-only. + referencingConfigurationPolicies?: NullableOption; +} +export interface DeviceManagementScript extends Entity { + // The date and time the device management script was created. This property is read-only. + createdDateTime?: string; + // Optional description for the device management script. + description?: NullableOption; + // Name of the device management script. + displayName?: NullableOption; + // Indicate whether the script signature needs be checked. + enforceSignatureCheck?: boolean; + // Script file name. + fileName?: NullableOption; + // The date and time the device management script was last modified. This property is read-only. + lastModifiedDateTime?: string; + // List of Scope Tag IDs for this PowerShellScript instance. + roleScopeTagIds?: NullableOption; + // A value indicating whether the PowerShell script should run as 32-bit + runAs32Bit?: boolean; + // Indicates the type of execution context. Possible values are: system, user. + runAsAccount?: RunAsAccountType; + // The script content. + scriptContent?: NullableOption; + // The list of group assignments for the device management script. + assignments?: NullableOption; + // List of run states for this script across all devices. + deviceRunStates?: NullableOption; + // The list of group assignments for the device management script. + groupAssignments?: NullableOption; + // Run summary for device management script. + runSummary?: NullableOption; + // List of run states for this script across all users. + userRunStates?: NullableOption; +} +export interface DeviceManagementScriptAssignment extends Entity { + // The Id of the Azure Active Directory group we are targeting the script to. + target?: NullableOption; +} +export interface DeviceManagementScriptDeviceState extends Entity { + // Error code corresponding to erroneous execution of the device management script. + errorCode?: number; + // Error description corresponding to erroneous execution of the device management script. + errorDescription?: NullableOption; + // Latest time the device management script executes. + lastStateUpdateDateTime?: string; + // Details of execution output. + resultMessage?: NullableOption; /** - * Indicates a weighted score of the work from anywhere on a device level. Valid values range from 0-100. Value -1 means - * associated score is unavailable. A higher score indicates a healthier device. Read-only. Valid values - * -1.79769313486232E+308 to 1.79769313486232E+308 + * State of latest run of the device management script. Possible values are: unknown, success, fail, scriptError, pending, + * notApplicable. */ - workFromAnywhereScore?: number; + runState?: RunState; + // The managed devices that executes the device management script. + managedDevice?: NullableOption; } -export interface UserExperienceAnalyticsNotAutopilotReadyDevice extends Entity { - // The intune device's autopilotProfileAssigned. - autoPilotProfileAssigned?: boolean; - // The intune device's autopilotRegistered. - autoPilotRegistered?: boolean; - // The intune device's azure Ad joinType. - azureAdJoinType?: NullableOption; - // The intune device's azureAdRegistered. - azureAdRegistered?: NullableOption; - // The intune device's name. - deviceName?: NullableOption; - // The intune device's managed by. - managedBy?: NullableOption; - // The intune device's manufacturer. - manufacturer?: NullableOption; - // The intune device's model. - model?: NullableOption; - // The intune device's serial number. - serialNumber?: NullableOption; +export interface DeviceManagementScriptGroupAssignment extends Entity { + // The Id of the Azure Active Directory group we are targeting the script to. + targetGroupId?: NullableOption; } -export interface UserExperienceAnalyticsOverview extends Entity { - // The user experience analytics insights. Read-only. - insights?: NullableOption; +// tslint:disable-next-line: no-empty-interface +export interface DeviceManagementScriptPolicySetItem extends PolicySetItem {} +export interface DeviceManagementScriptRunSummary extends Entity { + // Error device count. + errorDeviceCount?: number; + // Error user count. + errorUserCount?: number; + // Success device count. + successDeviceCount?: number; + // Success user count. + successUserCount?: number; } -export interface UserExperienceAnalyticsRemoteConnection extends Entity { - // The sign in failure percentage of Cloud PC Device. Valid values 0 to 100 - cloudPcFailurePercentage?: number; - // The round tip time of Cloud PC Device. Valid values 0 to 1.79769313486232E+308 - cloudPcRoundTripTime?: number; - // The sign in time of Cloud PC Device. Valid values 0 to 1.79769313486232E+308 - cloudPcSignInTime?: number; - // The core boot time of Cloud PC Device. Valid values 0 to 1.79769313486232E+308 - coreBootTime?: number; - // The core sign in time of Cloud PC Device. Valid values 0 to 1.79769313486232E+308 - coreSignInTime?: number; - // The count of remote connection. Valid values 0 to 2147483647 - deviceCount?: number; - // The id of the device. - deviceId?: NullableOption; - // The name of the device. - deviceName?: NullableOption; - // The user experience analytics manufacturer. - manufacturer?: NullableOption; - // The user experience analytics device model. - model?: NullableOption; - // The remote sign in time of Cloud PC Device. Valid values 0 to 1.79769313486232E+308 - remoteSignInTime?: number; - // The user experience analytics userPrincipalName. +export interface DeviceManagementScriptUserState extends Entity { + // Error device count for specific user. + errorDeviceCount?: number; + // Success device count for specific user. + successDeviceCount?: number; + // User principle name of specific user. userPrincipalName?: NullableOption; - // The user experience analytics virtual network. - virtualNetwork?: NullableOption; + // List of run states for this script across all devices of specific user. + deviceRunStates?: NullableOption; } -export interface UserExperienceAnalyticsResourcePerformance extends Entity { - // AverageSpikeTimeScore of a device or a model type. Valid values 0 to 100 - averageSpikeTimeScore?: number; - // CPU spike time in percentage. Valid values 0 to 100 - cpuSpikeTimePercentage?: number; - // Threshold of cpuSpikeTimeScore. Valid values 0 to 100 - cpuSpikeTimePercentageThreshold?: number; - // The user experience analytics device CPU spike time score. Valid values 0 to 100 - cpuSpikeTimeScore?: number; - // User experience analytics summarized device count. - deviceCount?: number; - // The id of the device. - deviceId?: NullableOption; - // The name of the device. - deviceName?: NullableOption; - // Resource performance score of a specific device. Valid values 0 to 100 - deviceResourcePerformanceScore?: number; - // The user experience analytics device manufacturer. - manufacturer?: NullableOption; - // The user experience analytics device model. - model?: NullableOption; - // RAM spike time in percentage. Valid values 0 to 100 - ramSpikeTimePercentage?: number; - // Threshold of ramSpikeTimeScore. Valid values 0 to 100 - ramSpikeTimePercentageThreshold?: number; - // The user experience analytics device RAM spike time score. Valid values 0 to 100 - ramSpikeTimeScore?: number; +export interface DeviceManagementSettingCategory extends Entity { + // The category name + displayName?: NullableOption; + // The category contains top level required setting + hasRequiredSetting?: NullableOption; + // The setting definitions this category contains + settingDefinitions?: NullableOption; } -export interface UserExperienceAnalyticsScoreHistory extends Entity { - /** - * The device startup date time. The value cannot be modified and is automatically populated. The Timestamp type - * represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan - * 1, 2014 would look like this: '2014-01-01T00:00:00Z'. Returned by default. - */ - startupDateTime?: string; +export interface DeviceManagementSettingDefinition extends Entity { + // Collection of constraints for the setting value + constraints?: NullableOption; + // Collection of dependencies on other settings + dependencies?: NullableOption; + // The setting's description + description?: NullableOption; + // The setting's display name + displayName?: string; + // Url to setting documentation + documentationUrl?: NullableOption; + // subtitle of the setting header for more details about the category/section + headerSubtitle?: NullableOption; + // title of the setting header represents a category/section of a setting/settings + headerTitle?: NullableOption; + // If the setting is top level, it can be configured without the need to be wrapped in a collection or complex setting + isTopLevel?: boolean; + // Keywords associated with the setting + keywords?: NullableOption; + // Placeholder text as an example of valid input + placeholderText?: NullableOption; + // The data type of the value. Possible values are: integer, boolean, string, complex, collection, abstractComplex. + valueType?: DeviceManangementIntentValueType; +} +export interface DeviceManagementSettingInstance extends Entity { + // The ID of the setting definition for this instance + definitionId?: string; + // JSON representation of the value + valueJson?: NullableOption; +} +export interface DeviceManagementStringSettingInstance extends DeviceManagementSettingInstance { + // The string value + value?: NullableOption; } -export interface UserExperienceAnalyticsWorkFromAnywhereHardwareReadinessMetric extends Entity { +export interface DeviceManagementTemplate extends Entity { + // The template's description + description?: NullableOption; + // The template's display name + displayName?: string; + // Number of Intents created from this template. + intentCount?: number; + // The template is deprecated or not. Intents cannot be created from a deprecated template. + isDeprecated?: boolean; /** - * The percentage of devices for which OS check has failed. Valid values 0 to 100. Supports: $select, $OrderBy. Read-only. - * Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * The template's platform. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, windows81AndLater, + * windows10AndLater, androidWorkProfile, windows10XProfile, all. */ - osCheckFailedPercentage?: number; + platformType?: PolicyPlatformType; + // When the template was published + publishedDateTime?: string; /** - * The percentage of devices for which processor hardware 64-bit architecture check has failed. Valid values 0 to 100. - * Supports: $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * The template's subtype. Possible values are: none, firewall, diskEncryption, attackSurfaceReduction, + * endpointDetectionReponse, accountProtection, antivirus, firewallSharedAppList, firewallSharedIpList, + * firewallSharedPortlist. */ - processor64BitCheckFailedPercentage?: number; + templateSubtype?: DeviceManagementTemplateSubtype; /** - * The percentage of devices for which processor hardware core count check has failed. Valid values 0 to 100. Supports: - * $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * The template's type. Possible values are: securityBaseline, specializedDevices, + * advancedThreatProtectionSecurityBaseline, deviceConfiguration, custom, securityTemplate, microsoftEdgeSecurityBaseline, + * microsoftOffice365ProPlusSecurityBaseline, deviceCompliance, deviceConfigurationForOffice365, cloudPC, + * firewallSharedSettings. */ - processorCoreCountCheckFailedPercentage?: number; + templateType?: DeviceManagementTemplateType; + // The template's version information + versionInfo?: NullableOption; + // Collection of setting categories within the template + categories?: NullableOption; + // Collection of templates this template can migrate to + migratableTo?: NullableOption; + // Collection of all settings this template has + settings?: NullableOption; +} +export interface DeviceManagementTemplateInsightsDefinition extends Entity { + // Setting insights in a template + settingInsights?: NullableOption; +} +export interface DeviceManagementTemplateSettingCategory extends DeviceManagementSettingCategory { + // The settings this category contains + recommendedSettings?: NullableOption; +} +export interface DeviceManagementTroubleshootingEvent extends Entity { + // A set of string key and string value pairs which provides additional information on the Troubleshooting event + additionalInformation?: NullableOption; + // Id used for tracing the failure in the service. + correlationId?: NullableOption; + // Time when the event occurred . + eventDateTime?: string; + // Event Name corresponding to the Troubleshooting Event. It is an Optional field + eventName?: NullableOption; + // Object containing detailed information about the error and its remediation. + troubleshootingErrorDetails?: NullableOption; +} +export interface DeviceRegistrationPolicy extends Entity { /** - * The percentage of devices for which processor hardware family check has failed. Valid values 0 to 100. Supports: - * $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Specifies the authorization policy for controlling registration of new devices using Microsoft Entra join within your + * organization. Required. For more information, see What is a device identity?. */ - processorFamilyCheckFailedPercentage?: number; + azureADJoin?: NullableOption; /** - * The percentage of devices for which processor hardware speed check has failed. Valid values 0 to 100. Supports: - * $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Specifies the authorization policy for controlling registration of new devices using Microsoft Entra registered within + * your organization. Required. For more information, see What is a device identity?. */ - processorSpeedCheckFailedPercentage?: number; + azureADRegistration?: NullableOption; /** - * The percentage of devices for which RAM hardware check has failed. Valid values 0 to 100. Supports: $select, $OrderBy. - * Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * The description of the device registration policy. It's always set to Tenant-wide policy that manages intial + * provisioning controls using quota restrictions, additional authentication and authorization checks. Read-only. */ - ramCheckFailedPercentage?: number; + description?: NullableOption; + // The name of the device registration policy. It's always set to Device Registration Policy. Read-only. + displayName?: NullableOption; + // Specifies the setting for Local Admin Password Solution (LAPS) within your organization. + localAdminPassword?: NullableOption; /** - * The percentage of devices for which secure boot hardware check has failed. Valid values 0 to 100. Supports: $select, - * $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Specifies the authentication policy for a user to complete registration using Microsoft Entra join or Microsoft Entra + * registered within your organization. The possible values are: notRequired, required, unknownFutureValue. The default + * value is notRequired. */ - secureBootCheckFailedPercentage?: number; + multiFactorAuthConfiguration?: MultiFactorAuthConfiguration; /** - * The percentage of devices for which storage hardware check has failed. Valid values 0 to 100. Supports: $select, - * $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Specifies the maximum number of devices that a user can have within your organization before blocking new device + * registrations. The default value is set to 50. If this property isn't specified during the policy update operation, + * it's automatically reset to 0 to indicate that users aren't allowed to join any devices. */ - storageCheckFailedPercentage?: number; + userDeviceQuota?: number; +} +export interface DeviceSetupConfiguration extends Entity { + // DateTime the object was created. + createdDateTime?: string; + // Admin provided description of the Device Configuration. + description?: NullableOption; + // Admin provided name of the device configuration. + displayName?: string; + // DateTime the object was last modified. + lastModifiedDateTime?: string; + // Version of the device configuration. + version?: number; +} +export interface DeviceShellScript extends Entity { + // Does not notify the user a script is being executed + blockExecutionNotifications?: boolean; + // The date and time the device management script was created. This property is read-only. + createdDateTime?: string; + // Optional description for the device management script. + description?: NullableOption; + // Name of the device management script. + displayName?: NullableOption; + // The interval for script to run. If not defined the script will run once + executionFrequency?: string; + // Script file name. + fileName?: NullableOption; + // The date and time the device management script was last modified. This property is read-only. + lastModifiedDateTime?: string; + // Number of times for the script to be retried if it fails + retryCount?: number; + // List of Scope Tag IDs for this PowerShellScript instance. + roleScopeTagIds?: NullableOption; + // Indicates the type of execution context. Possible values are: system, user. + runAsAccount?: RunAsAccountType; + // The script content. + scriptContent?: NullableOption; + // The list of group assignments for the device management script. + assignments?: NullableOption; + // List of run states for this script across all devices. + deviceRunStates?: NullableOption; + // The list of group assignments for the device management script. + groupAssignments?: NullableOption; + // Run summary for device management script. + runSummary?: NullableOption; + // List of run states for this script across all users. + userRunStates?: NullableOption; +} +export interface Dimension { + code?: NullableOption; + displayName?: NullableOption; + id?: string; + lastModifiedDateTime?: NullableOption; + dimensionValues?: NullableOption; +} +export interface DimensionValue { + code?: NullableOption; + displayName?: NullableOption; + id?: string; + lastModifiedDateTime?: NullableOption; +} +export interface Directory extends Entity { + // Conceptual container for user and group directory objects. + administrativeUnits?: NullableOption; + // Group of related custom security attribute definitions. + attributeSets?: NullableOption; + certificateAuthorities?: NullableOption; + // Schema of a custom security attributes (key-value pairs). + customSecurityAttributeDefinitions?: NullableOption; + // Recently deleted items. Read-only. Nullable. + deletedItems?: NullableOption; + // The credentials of the device's local administrator account backed up to Microsoft Entra ID. + deviceLocalCredentials?: NullableOption; + // Collection of external user profiles that represent collaborators in the directory. + externalUserProfiles?: NullableOption; + featureRolloutPolicies?: NullableOption; /** - * The count of total devices in an organization. Valid values 0 to 2147483647. Supports: $select, $OrderBy. Read-only. - * Valid values -2147483648 to 2147483647 + * Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed + * protocol. */ - totalDeviceCount?: number; + federationConfigurations?: NullableOption; + impactedResources?: NullableOption; + // A collection of external users whose profile data is shared with the Microsoft Entra tenant. Nullable. + inboundSharedUserProfiles?: NullableOption; + // A container for on-premises directory synchronization functionalities that are available for the organization. + onPremisesSynchronization?: NullableOption; + outboundSharedUserProfiles?: NullableOption; + // Collection of pending external user profiles representing collaborators in the directory that are unredeemed. + pendingExternalUserProfiles?: NullableOption; + // List of recommended improvements to improve tenant posture. + recommendations?: NullableOption; + sharedEmailDomains?: NullableOption; + // List of commercial subscriptions that an organization has. + subscriptions?: NullableOption; +} +export interface DirectoryAudit extends Entity { /** - * The percentage of devices for which Trusted Platform Module (TPM) hardware check has failed. Valid values 0 to 100. - * Supports: $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicates the date and time the activity was performed. The Timestamp type is always in UTC time. For example, midnight + * UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Supports $filter (eq, ge, le) and $orderby. */ - tpmCheckFailedPercentage?: number; + activityDateTime?: string; /** - * The count of devices in an organization eligible for windows upgrade. Valid values 0 to 2147483647. Supports: $select, - * $OrderBy. Read-only. Valid values -2147483648 to 2147483647 + * Indicates the activity name or the operation name (for example 'Create User', 'Add member to group'). For a list of + * activities logged, refer to Microsoft Entra audit log categories and activities. Supports $filter (eq, startswith). */ - upgradeEligibleDeviceCount?: number; -} -export interface UserExperienceAnalyticsWorkFromAnywhereMetric extends Entity { - // The work from anywhere metric devices. Read-only. - metricDevices?: NullableOption; -} -export interface UserExperienceAnalyticsWorkFromAnywhereModelPerformance extends Entity { + activityDisplayName?: string; + // Indicates more details on the activity. + additionalDetails?: NullableOption; /** - * The cloud identity score of the device model. Valid values 0 to 100. Value -1 means associated score is unavailable. - * Supports: $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicates which resource category that's targeted by the activity. For example: UserManagement, GroupManagement, + * ApplicationManagement, RoleManagement. For a list of categories for activities logged, refer to Microsoft Entra audit + * log categories and activities. */ - cloudIdentityScore?: number; + category?: string; /** - * The cloud management score of the device model. Valid values 0 to 100. Value -1 means associated score is unavailable. - * Supports: $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicates a unique ID that helps correlate activities that span across various services. Can be used to trace logs + * across services. Supports $filter (eq). */ - cloudManagementScore?: number; + correlationId?: NullableOption; /** - * The cloud provisioning score of the device model. Valid values 0 to 100. Value -1 means associated score is - * unavailable. Supports: $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicates information about the user or app initiated the activity. Supports $filter (eq) for user/id, + * user/displayName, user/userPrincipalName, app/appId, app/displayName; and $filter (startswith) for + * user/userPrincipalName. */ - cloudProvisioningScore?: number; + initiatedBy?: AuditActivityInitiator; /** - * The health state of the user experience analytics work from anywhere device model. Possible values are: unknown, - * insufficientData, needsAttention, meetingGoals. Unknown by default. Supports: $select, $OrderBy. Read-only. Possible - * values are: unknown, insufficientData, needsAttention, meetingGoals, unknownFutureValue. + * Indicates information on which service initiated the activity (For example: Self-service Password Management, Core + * Directory, B2C, Invited Users, Microsoft Identity Manager, Privileged Identity Management. Supports $filter (eq). */ - healthStatus?: UserExperienceAnalyticsHealthState; - // The manufacturer name of the device. Supports: $select, $OrderBy. Read-only. - manufacturer?: NullableOption; - // The model name of the device. Supports: $select, $OrderBy. Read-only. - model?: NullableOption; - // The devices count for the model. Supports: $select, $OrderBy. Read-only. Valid values -2147483648 to 2147483647 - modelDeviceCount?: number; + loggedByService?: NullableOption; /** - * The window score of the device model. Valid values 0 to 100. Value -1 means associated score is unavailable. Supports: - * $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Indicates the type of operation that was performed. The possible values include but aren't limited to the following: + * Add, Assign, Update, Unassign, and Delete. */ - windowsScore?: number; + operationType?: NullableOption; + // Indicates the result of the activity. Possible values are: success, failure, timeout, unknownFutureValue. + result?: NullableOption; + // Indicates the reason for failure if the result is failure or timeout. + resultReason?: NullableOption; /** - * The work from anywhere score of the device model. Valid values 0 to 100. Value -1 means associated score is - * unavailable. Supports: $select, $OrderBy. Read-only. Valid values -1.79769313486232E+308 to 1.79769313486232E+308 + * Information about the resource that changed due to the activity. Supports $filter (eq) for id and displayName; and + * $filter (startswith) for displayName. */ - workFromAnywhereScore?: number; + targetResources?: NullableOption; + // Type of user agent used by a user in the activity. + userAgent?: NullableOption; } -export interface WindowsMalwareInformation extends Entity { - // Indicates an informational URL to learn more about the malware - additionalInformationUrl?: NullableOption; +export interface DirectoryDefinition extends Entity { /** - * Category of the malware. Possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, - * backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, - * browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, - * stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, - * trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remoteControlSoftware, tool, trojanDenialOfService, - * trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, - * vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule. default value is invalid. Possible values are: - * invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, - * keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, - * jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, - * trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, - * remoteControlSoftware, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, - * trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, - * hipsRule. + * Read-only value indicating what type of discovery the app supports. The possible values are: None, AttributeNames, + * AttributeDataTypes, AttributeReadOnly, ReferenceAttributes, UnknownFutureValue. This is a multi-valued object. */ - category?: NullableOption; - // Indicates the name of the malware - displayName?: NullableOption; - // Indicates the last time the malware was detected in UTC - lastDetectionDateTime?: NullableOption; + discoverabilities?: DirectoryDefinitionDiscoverabilities; /** - * Severity of the malware. Possible values are: unknown, low, moderate, high, severe. default is unknown. Possible values - * are: unknown, low, moderate, high, severe. + * Represents the discovery date and time using ISO 8601 format and is always in UTC time. For example, midnight UTC on + * Jan 1, 2014 is 2014-01-01T00:00:00Z. */ - severity?: NullableOption; - // List of devices affected by current malware with the malware state on each device - deviceMalwareStates?: NullableOption; + discoveryDateTime?: NullableOption; + // Name of the directory. Must be unique within the synchronization schema. Not nullable. + name?: NullableOption; + // Collection of objects supported by the directory. + objects?: NullableOption; + // Whether this object is read-only. + readOnly?: boolean; + // Read only value that indicates version discovered. null if discovery hasn't yet occurred. + version?: NullableOption; } -export interface DeviceManagementDerivedCredentialSettings extends Entity { - // The display name for the profile. - displayName?: string; - // The URL that will be accessible to end users as they retrieve a derived credential using the Company Portal. - helpUrl?: NullableOption; - // The derived credential provider to use. - issuer?: DeviceManagementDerivedCredentialIssuer; +export interface DirectoryObject extends Entity { + // Date and time when this object was deleted. Always null when the object hasn't been deleted. + deletedDateTime?: NullableOption; +} +export interface DirectoryObjectPartnerReference extends DirectoryObject { + // Description of the object returned. Read-only. + description?: NullableOption; + // Name of directory object being returned, like group or application. Read-only. + displayName?: NullableOption; + // The tenant identifier for the partner tenant. Read-only. + externalPartnerTenantId?: NullableOption; + // The type of the referenced object in the partner tenant. Read-only. + objectType?: NullableOption; +} +export interface DirectoryRole extends DirectoryObject { + // The description for the directory role. Read-only. Supports $filter (eq), $search, $select. + description?: NullableOption; + // The display name for the directory role. Read-only. Supports $filter (eq), $search, $select. + displayName?: NullableOption; /** - * The methods used to inform the end user to open Company Portal to deliver Wi-Fi, VPN, or email profiles that use - * certificates to the device. + * The id of the directoryRoleTemplate that this role is based on. The property must be specified when activating a + * directory role in a tenant with a POST operation. After the directory role has been activated, the property is read + * only. Supports $filter (eq), $select. */ - notificationType?: DeviceManagementDerivedCredentialNotificationType; - // The nominal percentage of time before certificate renewal is initiated by the client. - renewalThresholdPercentage?: number; + roleTemplateId?: NullableOption; + // Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. Supports $expand. + members?: NullableOption; + // Members of this directory role that are scoped to administrative units. Read-only. Nullable. + scopedMembers?: NullableOption; } -export interface DeviceManagementResourceAccessProfileBase extends Entity { - // DateTime profile was created - creationDateTime?: NullableOption; - // Profile description +export interface DirectoryRoleAccessReviewPolicy extends Entity { + settings?: NullableOption; +} +export interface DirectoryRoleTemplate extends DirectoryObject { + // The description to set for the directory role. Read-only. description?: NullableOption; - // Profile display name - displayName?: string; - // DateTime profile was last modified - lastModifiedDateTime?: NullableOption; - // Scope Tags - roleScopeTagIds?: NullableOption; - // Version of the profile - version?: number; - // The list of assignments for the device configuration profile. - assignments?: NullableOption; + // The display name to set for the directory role. Read-only. + displayName?: NullableOption; } -export interface AppleUserInitiatedEnrollmentProfile extends Entity { - // List of available enrollment type options - availableEnrollmentTypeOptions?: NullableOption; - // Profile creation time - createdDateTime?: string; +export interface DirectorySetting extends Entity { + // Display name of this group of settings, which comes from the associated template. Read-only. + displayName?: NullableOption; + // Unique identifier for the template used to create this group of settings. Read-only. + templateId?: NullableOption; /** - * The default profile enrollment type. Possible values are: unknown, device, user, accountDrivenUserEnrollment, - * webDeviceEnrollment, unknownFutureValue. + * Collection of name-value pairs corresponding to the name and defaultValue properties in the referenced + * directorySettingTemplates object. */ - defaultEnrollmentType?: AppleUserInitiatedEnrollmentType; - // Description of the profile + values?: SettingValue[]; +} +export interface DirectorySettingTemplate extends DirectoryObject { + // Description of the template. Read-only. description?: NullableOption; - // Name of the profile + // Display name of the template. Read-only. displayName?: NullableOption; - // Profile last modified time - lastModifiedDateTime?: string; /** - * The platform of the Device. Possible values are: android, androidForWork, iOS, macOS, windowsPhone81, - * windows81AndLater, windows10AndLater, androidWorkProfile, unknown, androidAOSP. + * Collection of settingTemplateValues that list the set of available settings, defaults and types that make up this + * template. Read-only. */ - platform?: DevicePlatformType; - // Priority, 0 is highest - priority?: number; - // The list of assignments for this profile. - assignments?: NullableOption; + values?: SettingTemplateValue[]; } -export interface DepOnboardingSetting extends Entity { - // The Apple ID used to obtain the current token. - appleIdentifier?: NullableOption; - // Consent granted for data sharing with Apple Dep Service - dataSharingConsentGranted?: boolean; - // When the service was onboarded. - lastModifiedDateTime?: string; - // When the service last syned with Intune - lastSuccessfulSyncDateTime?: string; - // Error code reported by Apple during last dep sync. - lastSyncErrorCode?: number; - // When Intune last requested a sync. - lastSyncTriggeredDateTime?: string; - // List of Scope Tags for this Entity instance. - roleScopeTagIds?: NullableOption; - // Whether or not the Dep token sharing is enabled with the School Data Sync service. - shareTokenWithSchoolDataSyncService?: boolean; - // Gets synced device count - syncedDeviceCount?: number; - // When the token will expire. - tokenExpirationDateTime?: string; - // Friendly Name for Dep Token - tokenName?: NullableOption; - // Gets or sets the Dep Token Type. Possible values are: none, dep, appleSchoolManager. - tokenType?: DepTokenType; - // Default iOS Enrollment Profile - defaultIosEnrollmentProfile?: NullableOption; - // Default MacOs Enrollment Profile - defaultMacOsEnrollmentProfile?: NullableOption; - // The enrollment profiles. - enrollmentProfiles?: NullableOption; - // The imported Apple device identities. - importedAppleDeviceIdentities?: NullableOption; +export interface DlpEvaluatePoliciesJobResponse extends JobResponseBase { + result?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface ImportedDeviceIdentity extends Entity { - // Created Date Time of the device - createdDateTime?: string; - // The description of the device - description?: NullableOption; - // The state of the device in Intune. Possible values are: unknown, enrolled, pendingReset, failed, notContacted, blocked. - enrollmentState?: EnrollmentState; - // Imported Device Identifier - importedDeviceIdentifier?: NullableOption; - // Type of Imported Device Identity. Possible values are: unknown, imei, serialNumber. - importedDeviceIdentityType?: ImportedDeviceIdentityType; - // Last Contacted Date Time of the device - lastContactedDateTime?: string; - // Last Modified DateTime of the description - lastModifiedDateTime?: string; - // The platform of the Device. Possible values are: unknown, ios, android, windows, windowsMobile, macOS. - platform?: Platform; +export interface Document extends Entity { + comments?: NullableOption; } -// tslint:disable-next-line: interface-name -export interface ImportedWindowsAutopilotDeviceIdentity extends Entity { - // UPN of the user the device will be assigned - assignedUserPrincipalName?: NullableOption; - // Group Tag of the Windows autopilot device. - groupTag?: NullableOption; - // Hardware Blob of the Windows autopilot device. - hardwareIdentifier?: NullableOption; - // The Import Id of the Windows autopilot device. - importId?: NullableOption; - // Product Key of the Windows autopilot device. - productKey?: NullableOption; - // Serial number of the Windows autopilot device. - serialNumber?: NullableOption; - // Current state of the imported device. - state?: NullableOption; +export interface DocumentComment extends Entity { + content?: NullableOption; + replies?: NullableOption; } -export interface WindowsAutopilotDeploymentProfile extends Entity { - // Profile creation time - createdDateTime?: string; - // Description of the profile - description?: NullableOption; +export interface DocumentCommentReply extends Entity { + content?: NullableOption; + location?: NullableOption; +} +export interface DocumentSetVersion extends ListItemVersion { + // Comment about the captured version. + comment?: NullableOption; + // User who captured the version. + createdBy?: NullableOption; + // Date and time when this version was created. + createdDateTime?: NullableOption; + // Items within the document set that are captured as part of this version. + items?: NullableOption; /** - * The template used to name the AutoPilot Device. This can be a custom text and can also contain either the serial number - * of the device, or a randomly generated number. The total length of the text generated by the template can be no more - * than 15 characters. + * If true, minor versions of items are also captured; otherwise, only major versions are captured. The default value is + * false. */ - deviceNameTemplate?: NullableOption; - // The AutoPilot device type that this profile is applicable to. Possible values are: windowsPc, surfaceHub2. - deviceType?: WindowsAutopilotDeviceType; - // Name of the profile - displayName?: NullableOption; - // Enable Autopilot White Glove for the profile. - enableWhiteGlove?: boolean; - // Enrollment status screen setting - enrollmentStatusScreenSettings?: NullableOption; - // HardwareHash Extraction for the profile - extractHardwareHash?: boolean; - // Language configured on the device - language?: NullableOption; - // Profile last modified time - lastModifiedDateTime?: string; - // AzureAD management app ID used during client device-based enrollment discovery - managementServiceAppId?: NullableOption; - // Out of box experience setting - outOfBoxExperienceSettings?: NullableOption; - // Scope tags for the profile. - roleScopeTagIds?: NullableOption; - // The list of assigned devices for the profile. - assignedDevices?: NullableOption; - // The list of group assignments for the profile. - assignments?: NullableOption; + shouldCaptureMinorVersion?: NullableOption; } -export interface WindowsAutopilotDeviceIdentity extends Entity { - // Addressable user name. - addressableUserName?: NullableOption; - // AAD Device ID - to be deprecated - azureActiveDirectoryDeviceId?: NullableOption; - // AAD Device ID - azureAdDeviceId?: NullableOption; - // Profile set time of the Windows autopilot device. - deploymentProfileAssignedDateTime?: string; +export interface Domain extends Entity { /** - * Profile assignment detailed status of the Windows autopilot device. Possible values are: none, - * hardwareRequirementsNotMet, surfaceHubProfileNotSupported, holoLensProfileNotSupported, windowsPcProfileNotSupported, - * surfaceHub2SProfileNotSupported, unknownFutureValue. + * Indicates the configured authentication type for the domain. The value is either Managed or Federated. Managed + * indicates a cloud managed domain where Microsoft Entra ID performs user authentication. Federated indicates + * authentication is federated with an identity provider such as the tenant's on-premises Active Directory via Active + * Directory Federation Services. Not nullable. */ - deploymentProfileAssignmentDetailedStatus?: WindowsAutopilotProfileAssignmentDetailedStatus; + authenticationType?: string; /** - * Profile assignment status of the Windows autopilot device. Possible values are: unknown, assignedInSync, - * assignedOutOfSync, assignedUnkownSyncState, notAssigned, pending, failed. + * This property is always null except when the verify action is used. When the verify action is used, a domain entity is + * returned in the response. The availabilityStatus property of the domain entity in the response is either + * AvailableImmediately or EmailVerifiedDomainTakeoverScheduled. */ - deploymentProfileAssignmentStatus?: WindowsAutopilotProfileAssignmentStatus; - // Surface Hub Device Account Password - deviceAccountPassword?: NullableOption; - // Surface Hub Device Account Upn - deviceAccountUpn?: NullableOption; - // Surface Hub Device Friendly Name - deviceFriendlyName?: NullableOption; - // Display Name - displayName?: NullableOption; + availabilityStatus?: NullableOption; /** - * Intune enrollment state of the Windows autopilot device. Possible values are: unknown, enrolled, pendingReset, failed, - * notContacted, blocked. + * The value of the property is false if the DNS record management of the domain has been delegated to Microsoft 365. + * Otherwise, the value is true. Not nullable */ - enrollmentState?: EnrollmentState; - // Group Tag of the Windows autopilot device. - groupTag?: NullableOption; - // Intune Last Contacted Date Time of the Windows autopilot device. - lastContactedDateTime?: string; - // Managed Device ID - managedDeviceId?: NullableOption; - // Oem manufacturer of the Windows autopilot device. - manufacturer?: NullableOption; - // Model name of the Windows autopilot device. - model?: NullableOption; - // Product Key of the Windows autopilot device. - productKey?: NullableOption; - // Purchase Order Identifier of the Windows autopilot device. - purchaseOrderIdentifier?: NullableOption; + isAdminManaged?: boolean; /** - * Device Remediation State. Possible values are: unknown, noRemediationRequired, automaticRemediationRequired, - * manualRemediationRequired, unknownFutureValue. + * true if this is the default domain that is used for user creation. There is only one default domain per company. Not + * nullable */ - remediationState?: WindowsAutopilotDeviceRemediationState; - // RemediationState set time of Autopilot device. - remediationStateLastModifiedDateTime?: string; - // Resource Name. - resourceName?: NullableOption; - // Serial number of the Windows autopilot device. - serialNumber?: NullableOption; - // SKU Number - skuNumber?: NullableOption; - // System Family - systemFamily?: NullableOption; - // Enrollment status for userless enrollments. - userlessEnrollmentStatus?: WindowsAutopilotUserlessEnrollmentStatus; - // User Principal Name. - userPrincipalName?: NullableOption; - // Deployment profile currently assigned to the Windows autopilot device. - deploymentProfile?: NullableOption; - // Deployment profile intended to be assigned to the Windows autopilot device. - intendedDeploymentProfile?: NullableOption; -} -export interface WindowsAutopilotSettings extends Entity { - // Last data sync date time with DDS service. - lastManualSyncTriggerDateTime?: string; - // Last data sync date time with DDS service. - lastSyncDateTime?: string; + isDefault?: boolean; /** - * Indicates the status of sync with Device data sync (DDS) service. Possible values are: unknown, inProgress, completed, - * failed. + * true if this is the initial domain created by Microsoft Online Services (contoso.com). There is only one initial domain + * per company. Not nullable */ - syncStatus?: WindowsAutopilotSyncStatus; -} -export interface PrivilegeManagementElevationRequest extends Entity { + isInitial?: boolean; + // true if the domain is a verified root domain. Otherwise, false if the domain is a subdomain or unverified. Not nullable + isRoot?: boolean; + // true if the domain has completed domain ownership verification. Not nullable + isVerified?: boolean; /** - * Details of the application which is being requested to elevate, allowing the admin to understand the identity of the - * application. It includes file info such as FilePath, FileHash, FilePublisher, and etc. Returned by default. Read-only. + * Specifies the number of days before a user receives notification that their password will expire. If the property is + * not set, a default value of 14 days will be used. */ - applicationDetail?: NullableOption; - // The device name used to initiate the elevation request. For example: 'cotonso-laptop'. Returned by default. Read-only. - deviceName?: NullableOption; + passwordNotificationWindowInDays?: NullableOption; /** - * The date and time when the elevation request was submitted/created. The value cannot be modified and is automatically - * populated when the elevation request is submitted/created. The Timestamp type represents date and time information - * using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: - * '2014-01-01T00:00:00Z'. Returned by default. Read-only. + * Specifies the length of time that a password is valid before it must be changed. If the property is not set, a default + * value of 90 days will be used. */ - requestCreatedDateTime?: string; + passwordValidityPeriodInDays?: NullableOption; + // Status of asynchronous operations scheduled for the domain. + state?: NullableOption; /** - * The Azure Active Directory (AAD) identifier of the end user who is requesting this elevation. For example: - * 'F1A57311-B9EB-45B7-9415-8555E68EDC9E'. Returned by default. Read-only. + * The capabilities assigned to the domain. Can include 0, 1 or more of following values: Email, Sharepoint, + * EmailInternalRelayOnly, OfficeCommunicationsOnline,SharePointDefaultDomain, FullRedelegation, SharePointPublic, + * OrgIdAuthentication, Yammer, Intune. The values which you can add/remove using Graph API include: Email, + * OfficeCommunicationsOnline, Yammer. Not nullable. */ - requestedByUserId?: NullableOption; + supportedServices?: string[]; /** - * The User Principal Name (UPN) of the end user who requested this elevation. For example: 'user1@contoso.com'. Returned - * by default. Read-only. + * The objects such as users and groups that reference the domain ID. Read-only, Nullable. Supports $expand and $filter by + * the OData type of objects returned. For example /domains/{domainId}/domainNameReferences/microsoft.graph.user and + * /domains/{domainId}/domainNameReferences/microsoft.graph.group. */ - requestedByUserPrincipalName?: NullableOption; + domainNameReferences?: NullableOption; + // Domain settings configured by customer when federated with Microsoft Entra ID. Supports $expand. + federationConfiguration?: NullableOption; /** - * The Intune Device Identifier of the managed device used to initiate the elevation request. For example: - * '90F5F6E8-CA09-4811-97F6-4D0DD532D916'. Returned by default. Read-only. + * DNS records the customer adds to the DNS zone file of the domain before the domain can be used by Microsoft Online + * services. Read-only, Nullable. Supports $expand. */ - requestedOnDeviceId?: NullableOption; + serviceConfigurationRecords?: NullableOption; + sharedEmailDomainInvitations?: NullableOption; /** - * Expiration set for the request when it was created, regardless of approved or denied status. For example: - * '2023-08-03T14:24:22Z'. Returned by default. Returned by default. Read-only. + * DNS records that the customer adds to the DNS zone file of the domain before the customer can complete domain ownership + * verification with Microsoft Entra ID. Read-only, Nullable. Supports $expand. */ - requestExpiryDateTime?: NullableOption; + verificationDnsRecords?: NullableOption; +} +export interface DomainDnsCnameRecord extends DomainDnsRecord { + // The canonical name of the CNAME record. Used to configure the CNAME record at the DNS host. + canonicalName?: NullableOption; +} +export interface DomainDnsMxRecord extends DomainDnsRecord { + // Value used when configuring the answer/destination/value of the MX record at the DNS host. + mailExchange?: string; + // Value used when configuring the Preference/Priority property of the MX record at the DNS host. + preference?: NullableOption; +} +export interface DomainDnsRecord extends Entity { /** - * Justification provided by the end user for the elevation request. For example :'Need to elevate to install microsoft - * word'. Read-only. + * If false, this record must be configured by the customer at the DNS host for Microsoft Online Services to operate + * correctly with the domain. */ - requestJustification?: NullableOption; + isOptional?: boolean; + // Value used when configuring the name of the DNS record at the DNS host. + label?: string; + // Indicates what type of DNS record this entity represents. The value can be one of the following: CName, Mx, Srv, Txt. + recordType?: NullableOption; /** - * The date and time when the elevation request was either submitted/created or approved/denied. The value cannot be - * modified and is automatically populated. The Timestamp type represents date and time information using ISO 8601 format - * and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: '2014-01-01T00:00:00Z'. - * Returned by default. Read-only. + * Microsoft Online Service or feature that has a dependency on this DNS record. Can be one of the following values: null, + * Email, Sharepoint, EmailInternalRelayOnly, OfficeCommunicationsOnline, SharePointDefaultDomain, FullRedelegation, + * SharePointPublic, OrgIdAuthentication, Yammer, Intune. */ - requestLastModifiedDateTime?: string; + supportedService?: string; + // Value to use when configuring the time-to-live (ttl) property of the DNS record at the DNS host. Not nullable. + ttl?: number; +} +export interface DomainDnsSrvRecord extends DomainDnsRecord { + // Value to use when configuring the Target property of the SRV record at the DNS host. + nameTarget?: NullableOption; + // Value to use when configuring the port property of the SRV record at the DNS host. + port?: NullableOption; + // Value to use when configuring the priority property of the SRV record at the DNS host. + priority?: NullableOption; + // Value to use when configuring the protocol property of the SRV record at the DNS host. + protocol?: NullableOption; + // Value to use when configuring the service property of the SRV record at the DNS host. + service?: NullableOption; + // Value to use when configuring the weight property of the SRV record at the DNS host. + weight?: NullableOption; +} +export interface DomainDnsTxtRecord extends DomainDnsRecord { + // Value used when configuring the text property at the DNS host. + text?: string; +} +export interface DomainDnsUnavailableRecord extends DomainDnsRecord { + // Provides the reason why the DomainDnsUnavailableRecord entity is returned. + description?: NullableOption; +} +export interface DomainSecurityProfile extends Entity { + activityGroupNames?: NullableOption; + azureSubscriptionId?: NullableOption; + azureTenantId?: string; + countHits?: NullableOption; + countInOrg?: NullableOption; + domainCategories?: NullableOption; + domainRegisteredDateTime?: NullableOption; + firstSeenDateTime?: NullableOption; + lastSeenDateTime?: NullableOption; + name?: NullableOption; + registrant?: NullableOption; + riskScore?: NullableOption; + tags?: NullableOption; + vendorInformation?: NullableOption; +} +export interface Drive extends BaseItem { /** - * This is the Azure Active Directory (AAD) user id of the administrator who approved or denied the request. For example: - * 'F1A57311-B9EB-45B7-9415-8555E68EDC9E'. This field would be String.Empty before the request is either approved or - * denied. Read-only. + * Describes the type of drive represented by this resource. OneDrive personal drives return personal. OneDrive for + * Business returns business. SharePoint document libraries return documentLibrary. Read-only. */ - reviewCompletedByUserId?: NullableOption; + driveType?: NullableOption; + // Optional. The user account that owns the drive. Read-only. + owner?: NullableOption; + // Optional. Information about the drive's storage space quota. Read-only. + quota?: NullableOption; + sharePointIds?: NullableOption; + // If present, indicates that this is a system-managed drive. Read-only. + system?: NullableOption; + // The list of recent activities that took place under this drive. + activities?: NullableOption; + // Collection of [bundles][bundle] (albums and multi-select-shared sets of items). Only in personal OneDrive. + bundles?: NullableOption; + // The list of items the user is following. Only in OneDrive for Business. + following?: NullableOption; + // All items contained in the drive. Read-only. Nullable. + items?: NullableOption; + // For drives in SharePoint, the underlying document library list. Read-only. Nullable. + list?: NullableOption; + // The root folder of the drive. Read-only. + root?: NullableOption; + // Collection of common folders available in OneDrive. Read-only. Nullable. + special?: NullableOption; +} +export interface DriveItem extends BaseItem { + // Audio metadata, if the item is an audio file. Read-only. Only on OneDrive Personal. + audio?: NullableOption