Merge pull request #28799 from microsoftgraph/main

Merge to publish.

Author: Danipocket

api-reference/beta/api/accesspackageresource-delete-uploadsessions.md

@@ -16,6 +16,8 @@ Namespace: microsoft.graph
 
 Delete a [customDataProvidedResourceUploadSession](../resources/customdataprovidedresourceuploadsession.md) object.
 
+[!INCLUDE [national-cloud-support](../../includes/global-only.md)]
+
 ## Permissions
 
 Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

api-reference/beta/api/accesspackageresource-list-uploadsessions.md

@@ -16,6 +16,8 @@ Namespace: microsoft.graph
 
 Get a list of the [customDataProvidedResourceUploadSession](../resources/customdataprovidedresourceuploadsession.md) objects and their properties.
 
+[!INCLUDE [national-cloud-support](../../includes/global-only.md)]
+
 ## Permissions
 
 Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).

api-reference/beta/api/accessreviewinstance-batchapplycustomdataprovidedresourcedecisions.md

@@ -18,7 +18,7 @@ Enables reviewers to set the `applyResult` and `applyDescription` on all [access
 
 **NOTE:** The access review instance must be in an `Applying` state.
 
-[!INCLUDE [national-cloud-support](../../includes/all-clouds.md)]
+[!INCLUDE [national-cloud-support](../../includes/global-only.md)]
 
 ## Permissions
 

api-reference/beta/api/calendar-permanentdelete.md

@@ -34,7 +34,7 @@ Choose the permission or permissions marked as least privileged for this API. Us
 }
 -->
 ``` http
-POST /users/{usersId}/calendar/permanentDelete
+POST /users/{usersId}/calendars/permanentDelete
 POST /groups/{groupsId}/calendar/permanentDelete
 ```
 
@@ -64,7 +64,7 @@ The following example shows a request.
 }
 -->
 ``` http
-POST https://graph.microsoft.com/beta/users/{usersId}/calendar/permanentDelete
+POST https://graph.microsoft.com/beta/users/{usersId}/calendars/permanentDelete
 ```
 
 # [C#](#tab/csharp)

api-reference/beta/api/calendar-update.md

@@ -61,6 +61,9 @@ In the request body, supply the values for relevant fields that should be update
 |isDefaultCalendar|Boolean|True if this calendar is the user's default calendar, false otherwise.|
 |name|String|The calendar name.|
 
+> [!IMPORTANT]
+> Calendar container properties in group calendars are read-only and can't be modified. `PATCH` requests that target these properties fail with a `405 Method Not Allowed` response.
+
 ## Response
 
 If successful, this method returns a `200 OK` response code and updated [calendar](../resources/calendar.md) object in the response body.

api-reference/beta/api/crosstenantaccesspolicyconfigurationdefault-list-m365capabilities.md

@@ -0,0 +1,120 @@
+---
+title: "List m365Capabilities for default policy"
+description: "Get a list of Microsoft 365 cross-tenant capabilities configured for the default cross-tenant access policy."
+author: "lasharma"
+ms.date: 04/23/2026
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+---
+
+# List m365Capabilities for default policy
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Get a list of Microsoft 365 cross-tenant capabilities configured for the [default cross-tenant access policy](../resources/crosstenantaccesspolicyconfigurationdefault.md). The returned collection is a heterogeneous collection of derived types of [m365CapabilityBase](../resources/m365capabilitybase.md), differentiated by their **@odata.type** property.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+<!-- {
+  "blockType": "permissions",
+  "name": "crosstenantaccesspolicyconfigurationdefault-list-m365capabilities-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/crosstenantaccesspolicyconfigurationdefault-list-m365capabilities-permissions.md)]
+
+## HTTP request
+
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+GET /policies/crossTenantAccessPolicy/default/m365Capabilities
+```
+
+## Optional query parameters
+
+This method supports the `$select`, `$filter`, `$top`, `$skip`, and `$count` [OData query parameters](/graph/query-parameters) to help customize the response.
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+
+## Request body
+
+Don't supply a request body for this method.
+
+## Response
+
+If successful, this method returns a `200 OK` response code and a collection of [m365CapabilityBase](../resources/m365capabilitybase.md) objects in the response body.
+
+## Examples
+
+### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "list_m365capabilitybase"
+}
+-->
+``` http
+GET https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default/m365Capabilities
+```
+
+
+### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "Collection(microsoft.graph.m365CapabilityBase)"
+}
+-->
+``` http
+HTTP/1.1 200 OK
+Content-Type: application/json
+
+{
+  "value": [
+    {
+      "@odata.type": "#microsoft.graph.crossTenantOpenProfileCard",
+      "name": "crossTenantOpenProfileCard",
+      "lastModifiedDateTime": "2026-01-15T10:04:11.4531504Z",
+      "inboundAccess": {
+        "isAllowed": true,
+        "resourceScopes": {
+          "included": [
+            {
+              "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e74",
+              "resourceType": "group"
+            }
+          ],
+          "excluded": []
+        }
+      }
+    },
+    {
+      "@odata.type": "#microsoft.graph.crossTenantMigration",
+      "name": "crossTenantMigration",
+      "lastModifiedDateTime": "2026-01-15T10:08:08.8321956Z",
+      "inboundAccess": {
+        "isAllowed": false,
+        "resourceScopes": {
+          "included": [],
+          "excluded": []
+        }
+      }
+    }
+  ]
+}
+```

api-reference/beta/api/crosstenantaccesspolicyconfigurationdefault-post-m365capabilities.md

@@ -0,0 +1,200 @@
+---
+title: "Create m365CapabilityBase for default policy"
+description: "Create a new Microsoft 365 cross-tenant capability for the default cross-tenant access policy."
+author: "lasharma"
+ms.date: 04/23/2026
+ms.localizationpriority: medium
+ms.subservice: "entra-sign-in"
+doc_type: apiPageType
+---
+
+# Create m365CapabilityBase for default policy
+
+Namespace: microsoft.graph
+
+[!INCLUDE [beta-disclaimer](../../includes/beta-disclaimer.md)]
+
+Create a new Microsoft 365 cross-tenant capability for the [default cross-tenant access policy](../resources/crosstenantaccesspolicyconfigurationdefault.md). The **@odata.type** property in the request body is required to specify which type of capability to create.
+
+## Permissions
+
+Choose the permission or permissions marked as least privileged for this API. Use a higher privileged permission or permissions [only if your app requires it](/graph/permissions-overview#best-practices-for-using-microsoft-graph-permissions). For details about delegated and application permissions, see [Permission types](/graph/permissions-overview#permission-types). To learn more about these permissions, see the [permissions reference](/graph/permissions-reference).
+
+<!-- {
+  "blockType": "permissions",
+  "name": "crosstenantaccesspolicyconfigurationdefault-post-m365capabilities-permissions"
+}
+-->
+[!INCLUDE [permissions-table](../includes/permissions/crosstenantaccesspolicyconfigurationdefault-post-m365capabilities-permissions.md)]
+
+## HTTP request
+
+<!-- {
+  "blockType": "ignored"
+}
+-->
+``` http
+POST /policies/crossTenantAccessPolicy/default/m365Capabilities
+```
+
+## Request headers
+
+|Name|Description|
+|:---|:---|
+|Authorization|Bearer {token}. Required. Learn more about [authentication and authorization](/graph/auth/auth-concepts).|
+|Content-Type|application/json. Required.|
+
+## Request body
+
+In the request body, supply a JSON representation of a derived type of [m365CapabilityBase](../resources/m365capabilitybase.md). The **@odata.type** property is required to specify the capability type.
+
+You can specify the following properties when you create an **m365CapabilityBase** capability.
+
+|Property|Type|Description|
+|:---|:---|:---|
+|@odata.type|String|The type of capability to create. Required. Example values: `#microsoft.graph.crossTenantOpenProfileCard`, `#microsoft.graph.crossTenantMigration`.|
+|inboundAccess|[m365CapabilityInboundAccess](../resources/m365capabilityinboundaccess.md)|The inbound access settings for the capability. Required.|
+
+## Response
+
+If successful, this method returns a `201 Created` response code and the created capability object in the response body.
+
+## Examples
+
+### Example 1: Create a cross-tenant open profile card capability
+The following example shows how to create a [cross-tenant open profile card](../resources/crosstenantopenprofilecard.md) capability.
+#### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "create_crosstenantopenprofilecard"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default/m365Capabilities
+Content-Type: application/json
+
+{
+  "@odata.type": "#microsoft.graph.crossTenantOpenProfileCard",
+  "inboundAccess": {
+    "isAllowed": true,
+    "resourceScopes": {
+      "included": [
+        {
+          "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e74",
+          "resourceType": "group"
+        }
+      ],
+      "excluded": [
+        {
+          "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e00",
+          "resourceType": "group"
+        }
+      ]
+    }
+  }
+}
+```
+
+#### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "microsoft.graph.crossTenantOpenProfileCard"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+  "@odata.type": "#microsoft.graph.crossTenantOpenProfileCard",
+  "name": "crossTenantOpenProfileCard",
+  "lastModifiedDateTime": "2026-01-15T10:04:11.4531504Z",
+  "inboundAccess": {
+    "isAllowed": true,
+    "resourceScopes": {
+      "included": [
+        {
+          "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e74",
+          "resourceType": "group"
+        }
+      ],
+      "excluded": [
+        {
+          "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e00",
+          "resourceType": "group"
+        }
+      ]
+    }
+  }
+}
+```
+
+### Example 2: Create a cross-tenant migration capability
+The following example shows how to create a [cross-tenant migration](../resources/crosstenantmigration.md) capability.
+#### Request
+
+The following example shows a request.
+<!-- {
+  "blockType": "request",
+  "name": "create_crosstenantmigration"
+}
+-->
+``` http
+POST https://graph.microsoft.com/beta/policies/crossTenantAccessPolicy/default/m365Capabilities
+Content-Type: application/json
+
+{
+  "@odata.type": "#microsoft.graph.crossTenantMigration",
+  "inboundAccess": {
+    "isAllowed": true,
+    "resourceScopes": {
+      "included": [
+        {
+          "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e74",
+          "resourceType": "group"
+        }
+      ],
+      "excluded": []
+    }
+  }
+}
+```
+
+#### Response
+
+The following example shows the response.
+>**Note:** The response object shown here might be shortened for readability.
+<!-- {
+  "blockType": "response",
+  "truncated": true,
+  "@odata.type": "microsoft.graph.crossTenantMigration"
+}
+-->
+``` http
+HTTP/1.1 201 Created
+Content-Type: application/json
+
+{
+  "@odata.type": "#microsoft.graph.crossTenantMigration",
+  "name": "crossTenantMigration",
+  "lastModifiedDateTime": "2026-01-15T10:08:08.8321956Z",
+  "inboundAccess": {
+    "isAllowed": true,
+    "resourceScopes": {
+      "included": [
+        {
+          "resourceId": "ad4fc698-74dc-4f62-9e71-ba9b591e8e74",
+          "resourceType": "group"
+        }
+      ],
+      "excluded": []
+    }
+  }
+}
+```