Create Policy

Create a new policy object by specifying display name, policy type, and policy description.

Note: The policy details will be validated before being stored. If it does not pass validation, a 400 Bad Request will be returned.

Prerequisites

One of the following scopes is required to execute this API: Directory.AccessAsUser.All

HTTP request

POST /policies

Request headers

Name Type Description
Authorization string Bearer . Required.
Content-Type application/json Nature of the data in the body of an entity. Required.

Request body

In the request body, provide a JSON representation of policy object.

The following table shows the properties that are required when you create a policy.

Parameter Type Description
definition String The string version of the policy object.
displayName String A custom name for the policy.
type String Specifies the type of policy. Currently must be "TokenLifetimePolicy"

Response

If successful, this method returns 201, Created response code and policy object in the response body. If unsuccessful, a 4xx error will be returned with specific details.

Example

The following example creates a new token lifetime Policy. Notice the string definition parameter has escaped double quotes.

Request

Here is an example of the request.

POST https://graph.microsoft.com/beta/policies
Content-Type: application/json

{
  "displayName":"CustomTokenLifetimePolicy",
  "definition":["{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"],
  "type":"TokenLifetimePolicy"
}
Response

Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 201 Created
Content-type: application/json

{
  "@odata.context":"https://graph.microsoft.com/beta/$metadata#policies/$entity",
  "id":"id-value",
  "alternativeIdentifier":null,
  "definition":["{\"TokenLifetimePolicy\":{\"Version\":1,\"AccessTokenLifetime\":\"8:00:00\"}}"],
  "displayName":"name-value",
  "isOrganizationDefault":false,
  "keyCredentials",
  "type":"TokenLifetimePolicy"
}