Update-MgBetaIdentityConditionalAccessDeletedItem

Update-MgBetaIdentityConditionalAccessDeletedItem
    [-ResponseHeadersVariable <string>]
    [-AdditionalProperties <hashtable>]
    [-Id <string>]
    [-NamedLocations <IMicrosoftGraphNamedLocation[]>]
    [-Policies <IMicrosoftGraphConditionalAccessPolicy[]>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Update-MgBetaIdentityConditionalAccessDeletedItem

    -BodyParameter <IMicrosoftGraphCaPoliciesDeletableRoot>
    [-ResponseHeadersVariable <string>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

{{ Fill in the Description }}

{{ Fill in the Description }}

{{ Fill in the Description }}

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

BODYPARAMETER <IMicrosoftGraphCaPoliciesDeletableRoot>: caPoliciesDeletableRoot [(Any) <Object>]: This indicates any property can be added to this object. [Id <String>]: The unique identifier for an entity. Read-only. [NamedLocations <IMicrosoftGraphNamedLocation[]>]: Read-only. Nullable. Returns a collection of the specified named locations. [DeletedDateTime <DateTime?>]: Shows the last date and time the policy was deleted. [CreatedDateTime <DateTime?>]: The Timestamp type represents creation date and time of the location using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. [DisplayName <String>]: Human-readable name of the location. [Id <String>]: Identifier of a namedLocation object. Read-only. [ModifiedDateTime <DateTime?>]: The Timestamp type represents last modified date and time of the location using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. [Policies <IMicrosoftGraphConditionalAccessPolicy[]>]: Read-only. Nullable. Returns a collection of the specified Conditional Access policies. [DeletedDateTime <DateTime?>]: Shows the last date and time the policy was deleted. [Conditions <IMicrosoftGraphConditionalAccessConditionSet>]: conditionalAccessConditionSet [(Any) <Object>]: This indicates any property can be added to this object. [AgentIdRiskLevels <String>]: conditionalAccessAgentIdRiskLevels [Applications <IMicrosoftGraphConditionalAccessApplications>]: conditionalAccessApplications [(Any) <Object>]: This indicates any property can be added to this object. [ApplicationFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [(Any) <Object>]: This indicates any property can be added to this object. [Mode <String>]: filterMode [Rule <String>]: Rule syntax is similar to that used for membership rules for groups in Microsoft Entra ID. For details, see rules with multiple expressions [ExcludeApplications <String[]>]: Can be one of the following: The list of client IDs (appId) explicitly excluded from the policy. Office365 - For the list of apps included in Office365, see Apps included in Conditional Access Office 365 app suite MicrosoftAdminPortals - For more information, see Conditional Access Target resources: Microsoft Admin Portals [GlobalSecureAccess <IMicrosoftGraphConditionalAccessGlobalSecureAccess>]: conditionalAccessGlobalSecureAccess [(Any) <Object>]: This indicates any property can be added to this object. [IncludeApplications <String[]>]: Can be one of the following: The list of client IDs (appId) the policy applies to, unless explicitly excluded (in excludeApplications) All Office365 - For the list of apps included in Office365, see Apps included in Conditional Access Office 365 app suite MicrosoftAdminPortals - For more information, see Conditional Access Target resources: Microsoft Admin Portals [IncludeAuthenticationContextClassReferences <String[]>]: Authentication context class references include. Supported values are c1 through c25. [IncludeUserActions <String[]>]: User actions to include. Supported values are urn:user:registersecurityinfo and urn:user:registerdevice [NetworkAccess <IMicrosoftGraphConditionalAccessNetworkAccess>]: conditionalAccessNetworkAccess [(Any) <Object>]: This indicates any property can be added to this object. [AuthenticationFlows <IMicrosoftGraphConditionalAccessAuthenticationFlows>]: conditionalAccessAuthenticationFlows [(Any) <Object>]: This indicates any property can be added to this object. [TransferMethods <String>]: conditionalAccessTransferMethods [ClientAppTypes <String[]>]: Client application types included in the policy. The possible values are: all, browser, mobileAppsAndDesktopClients, exchangeActiveSync, easSupported, other. Required. The easUnsupported enumeration member is deprecated in favor of exchangeActiveSync, which includes EAS supported and unsupported platforms. [ClientApplications <IMicrosoftGraphConditionalAccessClientApplications>]: conditionalAccessClientApplications [(Any) <Object>]: This indicates any property can be added to this object. [AgentIdServicePrincipalFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [ExcludeAgentIdServicePrincipals <String[]>]: Agent identity object IDs excluded from the policy. [ExcludeServicePrincipals <String[]>]: Service principal IDs excluded from the policy scope. [IncludeAgentIdServicePrincipals <String[]>]: Agent identity object IDs included in the policy. [IncludeServicePrincipals <String[]>]: Service principal IDs included in the policy scope or ServicePrincipalsInMyTenant. [ServicePrincipalFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [DeviceStates <IMicrosoftGraphConditionalAccessDeviceStates>]: conditionalAccessDeviceStates [(Any) <Object>]: This indicates any property can be added to this object. [ExcludeStates <String[]>]: States excluded from the scope of the policy. Possible values: Compliant, DomainJoined. [IncludeStates <String[]>]: States in the scope of the policy. All is the only allowed value. [Devices <IMicrosoftGraphConditionalAccessDevices>]: conditionalAccessDevices [(Any) <Object>]: This indicates any property can be added to this object. [DeviceFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [ExcludeDeviceStates <String[]>]: States excluded from the scope of the policy. Possible values: Compliant, DomainJoined. [ExcludeDevices <String[]>]: States excluded from the scope of the policy. Possible values: Compliant, DomainJoined. Cannot be set if deviceFIlter is set. [IncludeDeviceStates <String[]>]: States in the scope of the policy. All is the only allowed value. [IncludeDevices <String[]>]: States in the scope of the policy. All is the only allowed value. Cannot be set if deviceFilter is set. [InsiderRiskLevels <String>]: conditionalAccessInsiderRiskLevels [Locations <IMicrosoftGraphConditionalAccessLocations>]: conditionalAccessLocations [(Any) <Object>]: This indicates any property can be added to this object. [ExcludeLocations <String[]>]: Location IDs excluded from scope of policy. [IncludeLocations <String[]>]: Location IDs in scope of policy unless explicitly excluded, All, or AllTrusted. [Platforms <IMicrosoftGraphConditionalAccessPlatforms>]: conditionalAccessPlatforms [(Any) <Object>]: This indicates any property can be added to this object. [ExcludePlatforms <String[]>]: The possible values are: android, iOS, windows, windowsPhone, macOS, all, unknownFutureValue, linux. [IncludePlatforms <String[]>]: The possible values are: android, iOS, windows, windowsPhone, macOS, all, unknownFutureValue,linux. [ServicePrincipalRiskLevels <String[]>]: Service principal risk levels included in the policy. The possible values are: low, medium, high, none, unknownFutureValue. [SignInRiskLevels <String[]>]: Sign-in risk levels included in the policy. The possible values are: low, medium, high, hidden, none, unknownFutureValue. Required. [UserRiskLevels <String[]>]: User risk levels included in the policy. The possible values are: low, medium, high, hidden, none, unknownFutureValue. Required. [Users <IMicrosoftGraphConditionalAccessUsers>]: conditionalAccessUsers [(Any) <Object>]: This indicates any property can be added to this object. [ExcludeGroups <String[]>]: Group IDs excluded from scope of policy. [ExcludeGuestsOrExternalUsers <IMicrosoftGraphConditionalAccessGuestsOrExternalUsers>]: conditionalAccessGuestsOrExternalUsers [(Any) <Object>]: This indicates any property can be added to this object. [ExternalTenants <IMicrosoftGraphConditionalAccessExternalTenants>]: conditionalAccessExternalTenants [(Any) <Object>]: This indicates any property can be added to this object. [MembershipKind <String>]: conditionalAccessExternalTenantsMembershipKind [GuestOrExternalUserTypes <String>]: conditionalAccessGuestOrExternalUserTypes [ExcludeRoles <String[]>]: Role IDs excluded from scope of policy. [ExcludeUsers <String[]>]: User IDs excluded from scope of policy and/or GuestsOrExternalUsers. [IncludeGroups <String[]>]: Group IDs in scope of policy unless explicitly excluded. [IncludeGuestsOrExternalUsers <IMicrosoftGraphConditionalAccessGuestsOrExternalUsers>]: conditionalAccessGuestsOrExternalUsers [IncludeRoles <String[]>]: Role IDs in scope of policy unless explicitly excluded. [IncludeUsers <String[]>]: User IDs in scope of policy unless explicitly excluded, None, All, or GuestsOrExternalUsers. [CreatedDateTime <DateTime?>]: The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. [Description <String>]: Not used. [DisplayName <String>]: Specifies a display name for the conditionalAccessPolicy object. [GrantControls <IMicrosoftGraphConditionalAccessGrantControls>]: conditionalAccessGrantControls [(Any) <Object>]: This indicates any property can be added to this object. [AuthenticationStrength <IMicrosoftGraphAuthenticationStrengthPolicy>]: authenticationStrengthPolicy [(Any) <Object>]: This indicates any property can be added to this object. [Id <String>]: The unique identifier for an entity. Read-only. [AllowedCombinations <String[]>]: A collection of authentication method modes that are required be used to satify this authentication strength. [CombinationConfigurations <IMicrosoftGraphAuthenticationCombinationConfiguration[]>]: Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods. [Id <String>]: The unique identifier for an entity. Read-only. [AppliesToCombinations <String[]>]: Which authentication method combinations this configuration applies to. Must be an allowedCombinations object defined for the authenticationStrengthPolicy. For fido2combinationConfigurations use 'fido2', for x509certificatecombinationconfiguration use 'x509CertificateSingleFactor' or 'x509CertificateMultiFactor'. [CreatedDateTime <DateTime?>]: The datetime when this policy was created. [Description <String>]: The human-readable description of this policy. [DisplayName <String>]: The human-readable display name of this policy. Supports $filter (eq, ne, not , and in). [ModifiedDateTime <DateTime?>]: The datetime when this policy was last modified. [PolicyType <String>]: authenticationStrengthPolicyType [RequirementsSatisfied <String>]: authenticationStrengthRequirements [BuiltInControls <String[]>]: List of values of built-in controls required by the policy. Possible values: block, mfa, compliantDevice, domainJoinedDevice, approvedApplication, compliantApplication, passwordChange, unknownFutureValue. [CustomAuthenticationFactors <String[]>]: List of custom controls IDs required by the policy. To learn more about custom control, see Custom controls (preview). [Operator <String>]: Defines the relationship of the grant controls. Possible values: AND, OR. [TermsOfUse <String[]>]: List of terms of use IDs required by the policy. [Id <String>]: Specifies the identifier of a conditionalAccessPolicy object. Read-only. [ModifiedDateTime <DateTime?>]: The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. [SessionControls <IMicrosoftGraphConditionalAccessSessionControls>]: conditionalAccessSessionControls [(Any) <Object>]: This indicates any property can be added to this object. [ApplicationEnforcedRestrictions <IMicrosoftGraphApplicationEnforcedRestrictionsSessionControl>]: applicationEnforcedRestrictionsSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [CloudAppSecurity <IMicrosoftGraphCloudAppSecuritySessionControl>]: cloudAppSecuritySessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [CloudAppSecurityType <String>]: cloudAppSecuritySessionControlType [ContinuousAccessEvaluation <IMicrosoftGraphContinuousAccessEvaluationSessionControl>]: continuousAccessEvaluationSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [Mode <String>]: continuousAccessEvaluationMode [DisableResilienceDefaults <Boolean?>]: Session control that determines whether it's acceptable for Microsoft Entra ID to extend existing sessions based on information collected prior to an outage or not. [GlobalSecureAccessFilteringProfile <IMicrosoftGraphGlobalSecureAccessFilteringProfileSessionControl>]: globalSecureAccessFilteringProfileSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [ProfileId <String>]: Specifies the distinct identifier that is assigned to the security profile or filtering profile. [PersistentBrowser <IMicrosoftGraphPersistentBrowserSessionControl>]: persistentBrowserSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [Mode <String>]: persistentBrowserSessionMode [SecureSignInSession <IMicrosoftGraphSecureSignInSessionControl>]: secureSignInSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [SignInFrequency <IMicrosoftGraphSignInFrequencySessionControl>]: signInFrequencySessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [AuthenticationType <String>]: signInFrequencyAuthenticationType [FrequencyInterval <String>]: signInFrequencyInterval [Type <String>]: signinFrequencyType [Value <Int32?>]: The number of days or hours. [State <String>]: conditionalAccessPolicyState

NAMEDLOCATIONS <IMicrosoftGraphNamedLocation[]>: Read-only. Nullable. Returns a collection of the specified named locations. [DeletedDateTime <DateTime?>]: Shows the last date and time the policy was deleted. [CreatedDateTime <DateTime?>]: The Timestamp type represents creation date and time of the location using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. [DisplayName <String>]: Human-readable name of the location. [Id <String>]: Identifier of a namedLocation object. Read-only. [ModifiedDateTime <DateTime?>]: The Timestamp type represents last modified date and time of the location using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only.

POLICIES <IMicrosoftGraphConditionalAccessPolicy[]>: Read-only. Nullable. Returns a collection of the specified Conditional Access policies. [DeletedDateTime <DateTime?>]: Shows the last date and time the policy was deleted. [Conditions <IMicrosoftGraphConditionalAccessConditionSet>]: conditionalAccessConditionSet [(Any) <Object>]: This indicates any property can be added to this object. [AgentIdRiskLevels <String>]: conditionalAccessAgentIdRiskLevels [Applications <IMicrosoftGraphConditionalAccessApplications>]: conditionalAccessApplications [(Any) <Object>]: This indicates any property can be added to this object. [ApplicationFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [(Any) <Object>]: This indicates any property can be added to this object. [Mode <String>]: filterMode [Rule <String>]: Rule syntax is similar to that used for membership rules for groups in Microsoft Entra ID. For details, see rules with multiple expressions [ExcludeApplications <String[]>]: Can be one of the following: The list of client IDs (appId) explicitly excluded from the policy. Office365 - For the list of apps included in Office365, see Apps included in Conditional Access Office 365 app suite MicrosoftAdminPortals - For more information, see Conditional Access Target resources: Microsoft Admin Portals [GlobalSecureAccess <IMicrosoftGraphConditionalAccessGlobalSecureAccess>]: conditionalAccessGlobalSecureAccess [(Any) <Object>]: This indicates any property can be added to this object. [IncludeApplications <String[]>]: Can be one of the following: The list of client IDs (appId) the policy applies to, unless explicitly excluded (in excludeApplications) All Office365 - For the list of apps included in Office365, see Apps included in Conditional Access Office 365 app suite MicrosoftAdminPortals - For more information, see Conditional Access Target resources: Microsoft Admin Portals [IncludeAuthenticationContextClassReferences <String[]>]: Authentication context class references include. Supported values are c1 through c25. [IncludeUserActions <String[]>]: User actions to include. Supported values are urn:user:registersecurityinfo and urn:user:registerdevice [NetworkAccess <IMicrosoftGraphConditionalAccessNetworkAccess>]: conditionalAccessNetworkAccess [(Any) <Object>]: This indicates any property can be added to this object. [AuthenticationFlows <IMicrosoftGraphConditionalAccessAuthenticationFlows>]: conditionalAccessAuthenticationFlows [(Any) <Object>]: This indicates any property can be added to this object. [TransferMethods <String>]: conditionalAccessTransferMethods [ClientAppTypes <String[]>]: Client application types included in the policy. The possible values are: all, browser, mobileAppsAndDesktopClients, exchangeActiveSync, easSupported, other. Required. The easUnsupported enumeration member is deprecated in favor of exchangeActiveSync, which includes EAS supported and unsupported platforms. [ClientApplications <IMicrosoftGraphConditionalAccessClientApplications>]: conditionalAccessClientApplications [(Any) <Object>]: This indicates any property can be added to this object. [AgentIdServicePrincipalFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [ExcludeAgentIdServicePrincipals <String[]>]: Agent identity object IDs excluded from the policy. [ExcludeServicePrincipals <String[]>]: Service principal IDs excluded from the policy scope. [IncludeAgentIdServicePrincipals <String[]>]: Agent identity object IDs included in the policy. [IncludeServicePrincipals <String[]>]: Service principal IDs included in the policy scope or ServicePrincipalsInMyTenant. [ServicePrincipalFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [DeviceStates <IMicrosoftGraphConditionalAccessDeviceStates>]: conditionalAccessDeviceStates [(Any) <Object>]: This indicates any property can be added to this object. [ExcludeStates <String[]>]: States excluded from the scope of the policy. Possible values: Compliant, DomainJoined. [IncludeStates <String[]>]: States in the scope of the policy. All is the only allowed value. [Devices <IMicrosoftGraphConditionalAccessDevices>]: conditionalAccessDevices [(Any) <Object>]: This indicates any property can be added to this object. [DeviceFilter <IMicrosoftGraphConditionalAccessFilter>]: conditionalAccessFilter [ExcludeDeviceStates <String[]>]: States excluded from the scope of the policy. Possible values: Compliant, DomainJoined. [ExcludeDevices <String[]>]: States excluded from the scope of the policy. Possible values: Compliant, DomainJoined. Cannot be set if deviceFIlter is set. [IncludeDeviceStates <String[]>]: States in the scope of the policy. All is the only allowed value. [IncludeDevices <String[]>]: States in the scope of the policy. All is the only allowed value. Cannot be set if deviceFilter is set. [InsiderRiskLevels <String>]: conditionalAccessInsiderRiskLevels [Locations <IMicrosoftGraphConditionalAccessLocations>]: conditionalAccessLocations [(Any) <Object>]: This indicates any property can be added to this object. [ExcludeLocations <String[]>]: Location IDs excluded from scope of policy. [IncludeLocations <String[]>]: Location IDs in scope of policy unless explicitly excluded, All, or AllTrusted. [Platforms <IMicrosoftGraphConditionalAccessPlatforms>]: conditionalAccessPlatforms [(Any) <Object>]: This indicates any property can be added to this object. [ExcludePlatforms <String[]>]: The possible values are: android, iOS, windows, windowsPhone, macOS, all, unknownFutureValue, linux. [IncludePlatforms <String[]>]: The possible values are: android, iOS, windows, windowsPhone, macOS, all, unknownFutureValue,linux. [ServicePrincipalRiskLevels <String[]>]: Service principal risk levels included in the policy. The possible values are: low, medium, high, none, unknownFutureValue. [SignInRiskLevels <String[]>]: Sign-in risk levels included in the policy. The possible values are: low, medium, high, hidden, none, unknownFutureValue. Required. [UserRiskLevels <String[]>]: User risk levels included in the policy. The possible values are: low, medium, high, hidden, none, unknownFutureValue. Required. [Users <IMicrosoftGraphConditionalAccessUsers>]: conditionalAccessUsers [(Any) <Object>]: This indicates any property can be added to this object. [ExcludeGroups <String[]>]: Group IDs excluded from scope of policy. [ExcludeGuestsOrExternalUsers <IMicrosoftGraphConditionalAccessGuestsOrExternalUsers>]: conditionalAccessGuestsOrExternalUsers [(Any) <Object>]: This indicates any property can be added to this object. [ExternalTenants <IMicrosoftGraphConditionalAccessExternalTenants>]: conditionalAccessExternalTenants [(Any) <Object>]: This indicates any property can be added to this object. [MembershipKind <String>]: conditionalAccessExternalTenantsMembershipKind [GuestOrExternalUserTypes <String>]: conditionalAccessGuestOrExternalUserTypes [ExcludeRoles <String[]>]: Role IDs excluded from scope of policy. [ExcludeUsers <String[]>]: User IDs excluded from scope of policy and/or GuestsOrExternalUsers. [IncludeGroups <String[]>]: Group IDs in scope of policy unless explicitly excluded. [IncludeGuestsOrExternalUsers <IMicrosoftGraphConditionalAccessGuestsOrExternalUsers>]: conditionalAccessGuestsOrExternalUsers [IncludeRoles <String[]>]: Role IDs in scope of policy unless explicitly excluded. [IncludeUsers <String[]>]: User IDs in scope of policy unless explicitly excluded, None, All, or GuestsOrExternalUsers. [CreatedDateTime <DateTime?>]: The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. [Description <String>]: Not used. [DisplayName <String>]: Specifies a display name for the conditionalAccessPolicy object. [GrantControls <IMicrosoftGraphConditionalAccessGrantControls>]: conditionalAccessGrantControls [(Any) <Object>]: This indicates any property can be added to this object. [AuthenticationStrength <IMicrosoftGraphAuthenticationStrengthPolicy>]: authenticationStrengthPolicy [(Any) <Object>]: This indicates any property can be added to this object. [Id <String>]: The unique identifier for an entity. Read-only. [AllowedCombinations <String[]>]: A collection of authentication method modes that are required be used to satify this authentication strength. [CombinationConfigurations <IMicrosoftGraphAuthenticationCombinationConfiguration[]>]: Settings that may be used to require specific types or instances of an authentication method to be used when authenticating with a specified combination of authentication methods. [Id <String>]: The unique identifier for an entity. Read-only. [AppliesToCombinations <String[]>]: Which authentication method combinations this configuration applies to. Must be an allowedCombinations object defined for the authenticationStrengthPolicy. For fido2combinationConfigurations use 'fido2', for x509certificatecombinationconfiguration use 'x509CertificateSingleFactor' or 'x509CertificateMultiFactor'. [CreatedDateTime <DateTime?>]: The datetime when this policy was created. [Description <String>]: The human-readable description of this policy. [DisplayName <String>]: The human-readable display name of this policy. Supports $filter (eq, ne, not , and in). [ModifiedDateTime <DateTime?>]: The datetime when this policy was last modified. [PolicyType <String>]: authenticationStrengthPolicyType [RequirementsSatisfied <String>]: authenticationStrengthRequirements [BuiltInControls <String[]>]: List of values of built-in controls required by the policy. Possible values: block, mfa, compliantDevice, domainJoinedDevice, approvedApplication, compliantApplication, passwordChange, unknownFutureValue. [CustomAuthenticationFactors <String[]>]: List of custom controls IDs required by the policy. To learn more about custom control, see Custom controls (preview). [Operator <String>]: Defines the relationship of the grant controls. Possible values: AND, OR. [TermsOfUse <String[]>]: List of terms of use IDs required by the policy. [Id <String>]: Specifies the identifier of a conditionalAccessPolicy object. Read-only. [ModifiedDateTime <DateTime?>]: The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Readonly. [SessionControls <IMicrosoftGraphConditionalAccessSessionControls>]: conditionalAccessSessionControls [(Any) <Object>]: This indicates any property can be added to this object. [ApplicationEnforcedRestrictions <IMicrosoftGraphApplicationEnforcedRestrictionsSessionControl>]: applicationEnforcedRestrictionsSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [CloudAppSecurity <IMicrosoftGraphCloudAppSecuritySessionControl>]: cloudAppSecuritySessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [CloudAppSecurityType <String>]: cloudAppSecuritySessionControlType [ContinuousAccessEvaluation <IMicrosoftGraphContinuousAccessEvaluationSessionControl>]: continuousAccessEvaluationSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [Mode <String>]: continuousAccessEvaluationMode [DisableResilienceDefaults <Boolean?>]: Session control that determines whether it's acceptable for Microsoft Entra ID to extend existing sessions based on information collected prior to an outage or not. [GlobalSecureAccessFilteringProfile <IMicrosoftGraphGlobalSecureAccessFilteringProfileSessionControl>]: globalSecureAccessFilteringProfileSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [ProfileId <String>]: Specifies the distinct identifier that is assigned to the security profile or filtering profile. [PersistentBrowser <IMicrosoftGraphPersistentBrowserSessionControl>]: persistentBrowserSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [Mode <String>]: persistentBrowserSessionMode [SecureSignInSession <IMicrosoftGraphSecureSignInSessionControl>]: secureSignInSessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [SignInFrequency <IMicrosoftGraphSignInFrequencySessionControl>]: signInFrequencySessionControl [(Any) <Object>]: This indicates any property can be added to this object. [IsEnabled <Boolean?>]: Specifies whether the session control is enabled. [AuthenticationType <String>]: signInFrequencyAuthenticationType [FrequencyInterval <String>]: signInFrequencyInterval [Type <String>]: signinFrequencyType [Value <Int32?>]: The number of days or hours. [State <String>]: conditionalAccessPolicyState