title | description | author | ms.localizationpriority | ms.subservice | doc_type |
---|---|---|---|---|---|
List assigned tokenLifetimePolicies |
List tokenLifetimePolicies that are assigned to a service principal. |
sureshja |
medium |
entra-applications |
apiPageType |
Namespace: microsoft.graph
List the tokenLifetimePolicy objects that are assigned to a servicePrincipal. Only one object is returned in the collection because only one tokenLifetimePolicy can be assigned to a service principal.
[!INCLUDE national-cloud-support]
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
Application | Policy.Read.All and Application.ReadWrite.OwnedBy, Policy.Read.All and Application.ReadWrite.All, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.OwnedBy, Policy.ReadWrite.ApplicationConfiguration and Application.ReadWrite.All |
You can address the service principal using either its id or appId. id and appId are referred to as the Object ID and Application (Client) ID, respectively, in enterprise applications in the Microsoft Entra admin center.
GET /servicePrincipals/{id}/tokenLifetimePolicies
GET /servicePrincipals(appId='{appId}')/tokenLifetimePolicies
This method supports the $select
OData query parameter to help customize the response. For general information, see OData query parameters.
Name | Description |
---|---|
Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
Don't supply a request body for this method.
If successful, this method returns a 200 OK
response code and a collection of tokenLifetimePolicy objects in the response body.
The following example shows a request.
GET https://graph.microsoft.com/v1.0/servicePrincipals/2a8f9e7a-af01-413a-9592-c32ec0e5c1a7/tokenLifetimePolicies
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
[!INCLUDE sample-code] [!INCLUDE sdk-documentation]
The following example shows the response.
Note: The response object shown here might be shortened for readability.
HTTP/1.1 200 OK
Content-Type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(microsoft.graph.tokenLifetimePolicy)",
"@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET servicePrincipals('<guid>')/tokenLifetimePolicies?$select=definition,isOrganizationDefault",
"value": [
{
"id": "4d2f137b-e8a9-46da-a5c3-cc85b2b840a4",
"deletedDateTime": null,
"definition": [
"{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"5:30:00\"}}"
],
"displayName": "Contoso token lifetime policy for enterprise apps.",
"isOrganizationDefault": true
}
]
}