You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: .github/prompts/author-api-docs.prompt.md
+7-2Lines changed: 7 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1377,7 +1377,12 @@ When a new relationship is added to an existing resource:
1377
1377
1378
1378
**When to use:**
1379
1379
- Member names are self-explanatory
1380
-
- No descriptions needed
1380
+
- No or minimal descriptions needed
1381
+
1382
+
Example where minimal descriptions are needed:
1383
+
```markdown
1384
+
The possible values are: <br/><li>`none`: No cross-tenant access. Indicates a single-tenant, non-B2B scenario. </li> <li>`b2bCollaboration`: The connection involves B2B collaboration across tenants. </li> <li>`unknownFutureValue`: Evolvable enumeration sentinel value. Do not use.</li>
1385
+
```
1381
1386
1382
1387
**Note:** enums.md and enums-{subnamespace}.md files are not customer-facing (they're for API Doctor validation only).
1383
1388
@@ -1474,7 +1479,7 @@ Create a dedicated topic for the enumeration. This option is rarely applicable.
1474
1479
**When to use:**
1475
1480
- Need descriptions for enum members and Option 2 isn't suitable
1476
1481
- Multiple resources use the enum
1477
-
- Enum has many members requiring detailed descriptions
1482
+
- Enum has many members requiring detailed descriptions that might reduce scannability in Options 1 or 2
1478
1483
1479
1484
**Important:** Use only when necessary. Prefer Option 1 or 2 whenever possible.
Copy file name to clipboardExpand all lines: api-reference/beta/resources/groups-overview.md
+10-8Lines changed: 10 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ ms.localizationpriority: high
8
8
ms.subservice: entra-groups
9
9
doc_type: conceptualPageType
10
10
ms.topic: overview
11
-
ms.date: 04/29/2025
11
+
ms.date: 02/19/2026
12
12
#customer intent: As a developer, I want to understand how to create and manage groups using Microsoft Graph so that I can simplify access management for my organization.
13
13
---
14
14
@@ -97,6 +97,10 @@ Content-type: application/json
97
97
}
98
98
```
99
99
100
+
## Group ownership
101
+
102
+
Groups can have one or more owners who manage the group. Owners can be users or service principals. We recommend assigning at least two owners to a group to ensure continuity.
103
+
100
104
## Group membership
101
105
102
106
Groups can have static or dynamic memberships. Dynamic membership uses rules to automatically add or remove members based on their properties. Not all object types can be members of Microsoft 365 and security groups.
@@ -254,13 +258,7 @@ The Microsoft Graph groups API supports these common operations:
254
258
255
259
## Microsoft Entra roles for managing groups
256
260
257
-
To manage groups, the signed-in user must have the appropriate Microsoft Graph permissions and be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json).
258
-
259
-
The least privileged roles for managing groups are:
260
-
261
-
- Directory Writers
262
-
- Groups Administrator
263
-
- User Administrator
261
+
To manage groups, the signed-in user must have the appropriate Microsoft Graph permissions and be assigned a supported [Microsoft Entra role](/entra/identity/role-based-access-control/permissions-reference?toc=%2Fgraph%2Ftoc.json) or a custom role with supported permissions. *Groups Administrator* is the main role for managing groups, but other roles such as *User Administrator*, *Exchange Administrator*, and *Directory Writers* can also manage groups with varying levels of permissions.
264
262
265
263
For more information, see [Least privileged roles to manage groups](/entra/identity/role-based-access-control/delegate-by-task#groups).
266
264
@@ -269,3 +267,7 @@ For more information, see [Least privileged roles to manage groups](/entra/ident
269
267
> [!div class="nextstepaction"]
270
268
> [Start working with groups](../resources/group.md)
271
269
270
+
## See also
271
+
272
+
-[Best practices for managing groups in the cloud](/entra/fundamentals/concept-learn-about-groups#best-practices-for-managing-groups-in-the-cloud)
### Example 3: Create a mover workflow with a set target scope
376
+
377
+
#### Request
378
+
379
+
The following example shows a request that creates a workflow with the following configuration:
380
+
+ It's a "mover" workflow-enabled and set to run on-demand only.
381
+
+ It runs for users within the set target scope of the administrative units "4f9dc456-0574-4122-9e55-8b4cc494b27d" and "2c987843-e9b1-4b1a-b924-ff1d2a9b054d".
382
+
+ One task is carried out, which is to send an email to notify the user's manager of the move.
0 commit comments