Microsoft Graph · Schema
microsoft.graph.managedAppProtection
Azure ADCollaborationContactsDocumentsEmailGraphIdentityMicrosoftOffice 365PresentationsProductivitySpreadsheetsT1Tasks
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/microsoft.graph.managedAppProtection",
"title": "microsoft.graph.managedAppProtection",
"allOf": [
{
"$ref": "#/components/schemas/microsoft.graph.managedAppPolicy"
},
{
"title": "managedAppProtection",
"required": [
"@odata.type"
],
"type": "object",
"properties": {
"allowedDataStorageLocations": {
"type": "array",
"items": {
"$ref": "#/components/schemas/microsoft.graph.managedAppDataStorageLocation"
},
"description": "Data storage locations where a user may store managed data."
},
"allowedInboundDataTransferSources": {
"$ref": "#/components/schemas/microsoft.graph.managedAppDataTransferLevel"
},
"allowedOutboundClipboardSharingLevel": {
"$ref": "#/components/schemas/microsoft.graph.managedAppClipboardSharingLevel"
},
"allowedOutboundDataTransferDestinations": {
"$ref": "#/components/schemas/microsoft.graph.managedAppDataTransferLevel"
},
"contactSyncBlocked": {
"type": "boolean",
"description": "Indicates whether contacts can be synced to the user's device."
},
"dataBackupBlocked": {
"type": "boolean",
"description": "Indicates whether the backup of a managed app's data is blocked."
},
"deviceComplianceRequired": {
"type": "boolean",
"description": "Indicates whether device compliance is required."
},
"disableAppPinIfDevicePinIsSet": {
"type": "boolean",
"description": "Indicates whether use of the app pin is required if the device pin is set."
},
"fingerprintBlocked": {
"type": "boolean",
"description": "Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True."
},
"managedBrowser": {
"$ref": "#/components/schemas/microsoft.graph.managedBrowserType"
},
"managedBrowserToOpenLinksRequired": {
"type": "boolean",
"description": "Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android)"
},
"maximumPinRetries": {
"maximum": 2147483647,
"minimum": -2147483648,
"type": "number",
"description": "Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped. Valid values 1 to 65535",
"format": "int32"
},
"minimumPinLength": {
"maximum": 2147483647,
"minimum": -2147483648,
"type": "number",
"description": "Minimum pin length required for an app-level pin if PinRequired is set to True",
"format": "int32"
},
"minimumRequiredAppVersion": {
"type": "string",
"description": "Versions less than the specified version will block the managed app from accessing company data.",
"nullable": true
},
"minimumRequiredOsVersion": {
"type": "string",
"description": "Versions less than the specified version will block the managed app from accessing company data.",
"nullable": true
},
"minimumWarningAppVersion": {
"type": "string",
"description": "Versions less than the specified version will result in warning message on the managed app.",
"nullable": true
},
"minimumWarningOsVersion": {
"type": "string",
"description": "Versions less than the specified version will result in warning message on the managed app from accessing company data.",
"nullable": true
},
"organizationalCredentialsRequired": {
"type": "boolean",
"description": "Indicates whether organizational credentials are required for app use."
},
"periodBeforePinReset": {
"pattern": "^-?P([0-9]+D)?(T([0-9]+H)?([0-9]+M)?([0-9]+([.][0-9]+)?S)?)?$",
"type": "string",
"description": "TimePeriod before the all-level pin must be reset if PinRequired is set to True.",
"format": "duration"
},
"periodOfflineBeforeAccessCheck": {
"pattern": "^-?P([0-9]+D)?(T([0-9]+H)?([0-9]+M)?([0-9]+([.][0-9]+)?S)?)?$",
"type": "string",
"description": "The period after which access is checked when the device is not connected to the internet.",
"format": "duration"
},
"periodOfflineBeforeWipeIsEnforced": {
"pattern": "^-?P([0-9]+D)?(T([0-9]+H)?([0-9]+M)?([0-9]+([.][0-9]+)?S)?)?$",
"type": "string",
"description": "The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.",
"format": "duration"
},
"periodOnlineBeforeAccessCheck": {
"pattern": "^-?P([0-9]+D)?(T([0-9]+H)?([0-9]+M)?([0-9]+([.][0-9]+)?S)?)?$",
"type": "string",
"description": "The period after which access is checked when the device is connected to the internet.",
"format": "duration"
},
"pinCharacterSet": {
"$ref": "#/components/schemas/microsoft.graph.managedAppPinCharacterSet"
},
"pinRequired": {
"type": "boolean",
"description": "Indicates whether an app-level pin is required."
},
"printBlocked": {
"type": "boolean",
"description": "Indicates whether printing is allowed from managed apps."
},
"saveAsBlocked": {
"type": "boolean",
"description": "Indicates whether users may use the 'Save As' menu item to save a copy of protected files."
},
"simplePinBlocked": {
"type": "boolean",
"description": "Indicates whether simplePin is blocked."
},
"@odata.type": {
"type": "string",
"default": "#microsoft.graph.managedAppProtection"
}
},
"description": "Policy used to configure detailed management settings for a specified set of apps",
"discriminator": {
"propertyName": "@odata.type",
"mapping": {
"#microsoft.graph.defaultManagedAppProtection": "#/components/schemas/microsoft.graph.defaultManagedAppProtection",
"#microsoft.graph.targetedManagedAppProtection": "#/components/schemas/microsoft.graph.targetedManagedAppProtection",
"#microsoft.graph.androidManagedAppProtection": "#/components/schemas/microsoft.graph.androidManagedAppProtection",
"#microsoft.graph.iosManagedAppProtection": "#/components/schemas/microsoft.graph.iosManagedAppProtection"
}
}
}
]
}