Managing SharePoint Online tenant settings via the Graph API
source link: https://www.michev.info/Blog/Post/3923/managing-sharepoint-online-tenant-settings-via-the-graph-api
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Managing SharePoint Online tenant settings via the Graph API
While the Graph API has a good coverage of “end user” endpoints, which cover most client scenarios, the “admin” part of the experience remains largely non-existent. Especially when it comes to the various Microsoft 365 workloads. So it is with a great pleasure that I can announce the availability of the /settings endpoint for querying and managing (some of) SharePoint Online and OneDrive for Business tenant-wide settings. Let’s dig in.
First things first, this is currently only available under the /beta endpoint, and as such the experience is a subject to change – do not use this in production or do so at your own peril. The settings themselves are exposed as part of the microsoft.graph.tenantAdmin.settings resource, which you can access under the /beta/admin/sharepoint/settings endpoint. Use a GET operation to query the current values and a PATCH one to update them. The permissions needed are SharePointTenantSettings.Read.All for the former and SharePointTenantSettings.ReadWrite.All for the latter, with both delegate and application permissions supported.
To query the currently configured values, use a GET request against the /beta/admin/sharepoint/settings endpoint:
GET https://graph.microsoft.com/beta/admin/sharepoint/settings |
As you can see from the output, only a handful of settings are currently supported, compared to the 100+ properties available within the SharePointOnline admin center or returned by the Get-SPOTenant cmdlet. For the sake of completeness, here’s the list of currently supported settings:
| Property | Description | |
|---|---|---|
| allowedDomainGuidsForSyncApp | Collection of trusted domain GUIDs for the OneDrive sync app. | |
| availableManagedPathsForSiteCreation | Collection of managed paths available for site creation. Read-only. | |
| deletedUserPersonalSiteRetentionPeriodInDays | The number of days for preserving a deleted user’s OneDrive. | |
| excludedFileExtensionsForSyncApp | Collection of file extensions not uploaded by the OneDrive sync app. | |
| imageTaggingOption | Specifies the image tagging option for the tenant. Possible values are: disabled, basic, enhanced. |
|
| isCommentingOnSitePagesEnabled | Indicates whether comments are allowed on modern site pages in SharePoint. | |
| isFileActivityNotificationEnabled | Indicates whether push notifications are enabled for OneDrive events. | |
| isLoopEnabled | Indicates whetherif Fluid Framework is allowed on SharePoint sites. | |
| isMacSyncAppEnabled | Indicates whether files can be synced using the OneDrive sync app for Mac. | |
| isResharingByExternalUsersEnabled | Indicates whether guests are allowed to reshare files, folders, and sites they don’t own. | |
| isSharePointMobileNotificationEnabled | Indicates whether mobile push notifications are enabled for SharePoint. | |
| isSharePointNewsfeedEnabled | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. | |
| isSiteCreationEnabled | Indicates whether users are allowed to create sites. | |
| isSiteCreationUIEnabled | Indicates whether the UI commands for creating sites are shown. | |
| isSitePagesCreationEnabled | Indicates whether creating new modern pages is allowed on SharePoint sites. | |
| isSitesStorageLimitAutomatic | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. | |
| isSyncButtonHiddenOnPersonalSite | Indicates whether the sync button in OneDrive is hidden. | |
| isUnmanagedSyncAppForTenantRestricted | Indicates whether users are allowed to sync files only on PCs joined to specific domains. | |
| personalSiteDefaultStorageLimitInMB | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). | |
| sharingAllowedDomainList | Collection of email domains that are allowed for sharing outside the organization. | |
| sharingBlockedDomainList | Collection of email domains that are blocked for sharing outside the organization. | |
| sharingCapability | Sharing capability for the tenant. Possible values are: disabled, externalUserSharingOnly, externalUserAndGuestSharing, existingExternalUserSharingOnly. |
|
| sharingDomainRestrictionMode | Specifies the external sharing mode for domains. Possible values are: none, allowList, blockList. |
|
| siteCreationDefaultManagedPath | The value of the team site managed path. This is the path under which new team sites will be created. | |
| siteCreationDefaultStorageLimitInMB | The default storage quota for a new site upon creation. Measured in megabytes (MB). | |
| tenantDefaultTimezone | The default timezone of a tenant for newly created sites. |
Among the things currently missing are the IP-based restriction settings, conditional access controls, the various claims controls, link expiration, to name a few. Another thing to keep in mind is that not all of these are set-able. The table below covers all the settings you can currently modify via a PATCH request:
| Property | Description | |
|---|---|---|
| allowedDomainGuidsForSyncApp | Collection of trusted domain GUIDs for the OneDrive sync app. | |
| deletedUserPersonalSiteRetentionPeriodInDays | The number of days for preserving a deleted user’s OneDrive. | |
| excludedFileExtensionsForSyncApp | Collection of file extensions not uploaded by the OneDrive sync app. | |
| imageTaggingOption | Specifies the image tagging option for the tenant. Possible values are: disabled, basic, enhanced. |
|
| isCommentingOnSitePagesEnabled | Indicates whether comments are allowed on modern site pages in SharePoint. | |
| isFileActivityNotificationEnabled | Indicates whether push notifications are enabled for OneDrive events. | |
| isLoopEnabled | Indicates whether Fluid Framework is allowed on SharePoint sites. | |
| isMacSyncAppEnabled | Indicates whether files can be synced using the OneDrive sync app for Mac. | |
| isResharingByExternalUsersEnabled | Indicates whether guests are allowed to reshare files, folders, and sites they don’t own. | |
| isSharePointMobileNotificationEnabled | Indicates whether mobile push notifications are enabled for SharePoint. | |
| isSharePointNewsfeedEnabled | Indicates whether the newsfeed is allowed on the modern site pages in SharePoint. | |
| isSiteCreationEnabled | Indicates whether users are allowed to create sites. | |
| isSiteCreationUIEnabled | Indicates whether the UI commands for creating sites are shown. | |
| isSitePagesCreationEnabled | Indicates whether creating new modern pages is allowed on SharePoint sites. | |
| isSitesStorageLimitAutomatic | Indicates whether site storage space is automatically managed or if specific storage limits are set per site. | |
| isSyncButtonHiddenOnPersonalSite | Indicates whether the sync button in OneDrive is hidden. | |
| isUnmanagedSyncAppForTenantRestricted | Indicates whether users are allowed to sync files only on PCs joined to specific domains. | |
| personalSiteDefaultStorageLimitInMB | The default OneDrive storage limit for all new and existing users who are assigned a qualifying license. Measured in megabytes (MB). | |
| sharingAllowedDomainList | Collection of email domains that are allowed for sharing outside the organization. | |
| sharingBlockedDomainList | Collection of email domains that are blocked for sharing outside the organization. | |
| sharingCapability | Sharing capability for the tenant. Possible values are: disabled, externalUserSharingOnly, externalUserAndGuestSharing, existingExternalUserSharingOnly. |
|
| sharingDomainRestrictionMode | Specifies the external sharing mode for domains. Possible values are: none, allowList, blockList. |
|
| siteCreationDefaultManagedPath | The value of the team site managed path. This is the path under which new team sites will be created. | |
| siteCreationDefaultStorageLimitInMB | The default storage quota for a new site upon creation. Measured in megabytes (MB). | |
| tenantDefaultTimezone | The default timezone of a tenant for newly created sites. |
And here’s an example of using a PATCH request to modify the value of the isLoopEnabled setting:
PATCH https://graph.microsoft.com/beta/admin/sharepoint/settings |
Interestingly enough, success is designated by 200 OK response and a refreshed list of the settings:
And that’s pretty much all there is to it, for now 
Recommend
-
6
Microsoft Cloud Show is sponsored by: Nintex has made it fast and easy to put The Power of Process™ to wo...
-
10
Limiting access to SharePoint Online resources via the Graph API Just as I was finishing up my article on suppo...
-
6
Configure cache settings for a web application in SharePoint Server 09/19/2017 9 minutes to read In this article APPLIES TO:
-
9
Querying the B2BManagementPolicy settings via (legacy) Graph API Here’s another one in the series “I blog so I don’t forget about this”, this time related to the B2BManagementPolicy in Azure AD. For whatever reaso...
-
6
Cross-tenant access policy (XTAP) and the Graph API Microsoft just announced the public preview of the Cross-tenant access settings (or policy) controls, which power both the “old” B2B and the new “native” (aka “B...
-
11
Enumerate all SharePoint Online site collections via the Graph API In another article of the “this is now finally possible in Office 365”, here’s how to get a list of all SharePoint Online site collections (or “si...
-
5
Announcing the new SharePoint Pages API in Microsoft Graph Share...
-
14
Manage directory synchronization settings via the Graph API After years of unsuccessful attempts to deprecate the good old MSOnline PowerShell module and subsequent postponements for its end of life, Microsoft seems to...
-
6
Managing Azure AD Recommendations via the Graph API Azure Active Directory Recommendations
-
3
Using Microsoft Graph search with SharePoint Online Microsoft Graph provides one unified API to search all content in SharePoint, OneDrive, Outlook,...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK