| title | description | ms.localizationpriority | author | ms.subservice | doc_type |
|---|---|---|---|---|---|
Get appManagementPolicy |
Get an application management policy. |
medium |
madansr7 |
entra-sign-in |
apiPageType |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
Read the properties of an appManagementPolicy object.
[!INCLUDE national-cloud-support]
Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions only if your app requires it. For details about delegated and application permissions, see Permission types. To learn more about these permissions, see the permissions reference.
[!INCLUDE permissions-table]
[!INCLUDE rbac-app-auth-method-policy-api-get]
GET /policies/appManagementPolicies/{id}| Name | Description |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this method returns a 200 OK response code and a single appManagementPolicy object in the response body.
The following example shows a request. From the response, the app management policy defines the following restrictions for application and service principal objects:
- Blocks creating of new passwords after 2019-10-19 at 10:37 AM UTC time.
- Limits password secrets for apps created after 2019-10-19 at 10:37 AM UTC time to less than 4 days, 12 hours, 30 minutes and 5 seconds.
GET https://graph.microsoft.com/beta/policies/appManagementPolicies/{id}
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/appManagementPolicies",
"value": [
{
"id": "db9d4b58-3488-4da4-9994-49773c454e33",
"displayName": "Custom app management policy",
"description": "Custom policy that enforces app management restrictions on specific applications and service principals.",
"isEnabled": false,
"restrictions": {
"passwordCredentials": [
{
"restrictionType": "passwordAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z"
},
{
"restrictionType": "passwordLifetime",
"maxLifetime": "P90D",
"restrictForAppsCreatedAfterDateTime": "2017-10-19T10:37:00Z"
},
{
"restrictionType": "symmetricKeyAddition",
"maxLifetime": null,
"restrictForAppsCreatedAfterDateTime": "2021-10-19T10:37:00Z"
},
{
"restrictionType": "symmetricKeyLifetime",
"maxLifetime": "P30D",
"restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
}
],
"keyCredentials": [
{
"restrictionType": "asymmetricKeyLifetime",
"maxLifetime": "P90D",
"restrictForAppsCreatedAfterDateTime": "2014-10-19T10:37:00Z"
},
{
"restrictionType": "trustedCertificateAuthority",
"restrictForAppsCreatedAfterDateTime": "2019-10-19T10:37:00Z",
"certificateBasedApplicationConfigurationIds": [
"eec5ba11-2fc0-4113-83a2-ed986ed13743",
"bb8e164b-f9ed-4b98-bc45-65eddc14f4c1"
],
"maxLifetime": null
}
],
"applicationRestrictions": {
"identifierUris": {
"nonDefaultUriAddition": {
"restrictForAppsCreatedAfterDateTime": "2024-01-01T10:37:00Z",
"excludeAppsReceivingV2Tokens": true,
"excludeSaml": true
}
}
}
}
}
]
}