Does CloudPC.ReadWrite.All require admin consent?

Yes, Application permissions always require admin consent. An administrator must grant consent in the Azure portal.

How do I add CloudPC.ReadWrite.All to my app registration?

Go to Azure Portal > App registrations > Your app > API permissions > Add permission > Microsoft Graph, then search for CloudPC.ReadWrite.All and select it.

CloudPC.ReadWrite.All Permission - Microsoft Graph API

Permission Details

Application Permission

Read and write Cloud PCs

Allows the app to read and write the properties of Cloud PCs, without a signed-in user.

Permission ID: 3b4349e1-8cf5-45a3-95b7-69d1751d3e6a

Delegated Permission

Read and write Cloud PCs

Allows the app to read and write the properties of Cloud PCs on behalf of the signed-in user.

Permission ID: 9d77138f-f0e2-47ba-ab33-cd246c8b79d1

Properties

Property	Type	Description
`id`	`string`	The unique identifier for an entity. Read-only.
`displayName`	`string`Nullable	The display name of the Cloud PC.
`lastModifiedDateTime`	`date-time`	The last modified date and time of the Cloud PC. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014, is 2014-01-01T00:00:00Z.
`connectionSetting`	`object`	The connection setting of the Cloud PC. Possible values: enableSingleSignOn. Read Only.
`allotmentDisplayName`	`string`Nullable	The allotment name divides tenant licenses into smaller batches or groups that help restrict the number of licenses available for use in a specific assignment. When the provisioningType is dedicated, the allotment name is null. Read-only.
`provisionedDateTime`	`date-time`Nullable	The latest provisioned date and time, automatically generated and assigned during the initial provisioning or any subsequent reprovisioning of the Cloud PC. The timestamp type represents date and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.
`userPrincipalName`	`string`Nullable	The user principal name (UPN) of the user assigned to the Cloud PC.
`statusDetail`	`object`	Indicates the detailed status associated with Cloud PC, including error/warning code, error/warning message, additionalInformation. For example, { 'code': 'internalServerError', 'message': 'There was an error during the Cloud PC upgrade. Please contact support.', 'additionalInformation': null }.
`diskEncryptionState`	`object`	The disk encryption applied to the Cloud PC. Possible values: notAvailable, notEncrypted, encryptedUsingPlatformManagedKey, encryptedUsingCustomerManagedKey, and unknownFutureValue.
`frontlineCloudPcAvailability`	`object`	The current availability of a frontline assigned Cloud PC. Possible values: notApplicable, available, notAvailable, and unknownFutureValue. Default value is notApplicable. Read-only. This property is deprecated and will stop returning data on October 30, 2025. Going forward use the retrieveFrontlineCloudPcDetail API.
`aadDeviceId`	`string`Nullable	The Microsoft Entra device ID of the Cloud PC.
`onPremisesConnectionName`	`string`Nullable	The Azure network connection that is applied during the provisioning of Cloud PCs.
`partnerAgentInstallResults`	`microsoft.graph.cloudPcPartnerAgentInstallResult collection`	The results of every partner agent's installation status on Cloud PC.
`userExperienceType`	`object`	Specifies the type of cloud object the end user can access. The possible values are: cloudPc, cloudApp, unknownFutureValue. When set to cloudPc, it indicates that the end user can access the entire desktop. When set to cloudApp, it indicates that the end user can only access cloud apps published under the associated provisioning policy. Since the cloud app experience also creates Cloud PC devices that appear in the Cloud PC device list, this property helps differentiate them. The default value is cloudPc. This property is defined in the provisioning policy.
`productType`	`object`	The product type of the Cloud PC. The possible values are: enterprise, frontline, devBox, powerAutomate, business, unknownFutureValue. For the available service plans and pricing for enterprise, frontline, and business, see Windows 365 for business. For pricing information for devBox, see Microsoft Dev Box pricing. For the available plans and pricing for powerAutomate, see Power Automate pricing. The default value is enterprise. Supports $filter and $select. For more information, see Example 4: List Cloud PCs filtered by product type. Read-only.

Showing 15 of 40 properties. View all on Microsoft Learn →

JSON Representation

JSON representation

{
  "id": "String",
  "displayName": "String",
  "lastModifiedDateTime": "String",
  "connectionSetting": "{...}",
  "allotmentDisplayName": "String",
  "provisionedDateTime": "String",
  "userPrincipalName": "String",
  "statusDetail": "{...}",
  "diskEncryptionState": "{...}",
  "frontlineCloudPcAvailability": "{...}",
  "aadDeviceId": "String",
  "onPremisesConnectionName": "String",
  "partnerAgentInstallResults": "[...]",
  "userExperienceType": "{...}",
  "productType": "{...}",
  "lastRemoteActionResult": "{...}",
  "sharedDeviceDetail": "{...}",
  "status": "microsoft.graph.cloudpcstatus",
  "managedDeviceId": "String",
  "connectionSettings": "{...}"
}

Relationships

Relationship	Type	Description
`auditEvents`	`cloudPcAuditEvent collection`	Cloud PC audit event.
`cloudPCs`	`cloudPC collection`	Cloud managed virtual desktops.
`deviceImages`	`cloudPcDeviceImage collection`	The image resource on Cloud PC.
`galleryImages`	`cloudPcGalleryImage collection`	The gallery image resource on Cloud PC.
`onPremisesConnections`	`cloudPcOnPremisesConnection collection`	A defined collection of Azure resource information that can be used to establish on-premises network connectivity for Cloud PCs.
`provisioningPolicies`	`cloudPcProvisioningPolicy collection`	Cloud PC provisioning policy.
`servicePlans`	`cloudPcServicePlan collection`	Cloud PC service plans.
`supportedRegions`	`cloudPcSupportedRegion collection`	Cloud PC supported regions.
`userSettings`	`cloudPcUserSetting collection`	Cloud PC user settings.

Graph Methods

Delegated access App-only access

Methods
GET `/deviceManagement/virtualEndpoint/auditEvents`
GET `/deviceManagement/virtualEndpoint/auditEvents/{id}`
GET `/deviceManagement/virtualEndpoint/auditEvents/getAuditActivityTypes`
GET `/deviceManagement/virtualEndpoint/cloudPCs`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{id}`
GET `/deviceManagement/virtualEndpoint/deviceImages`
GET `/deviceManagement/virtualEndpoint/deviceImages/{id}`
GET `/deviceManagement/virtualEndpoint/deviceImages/getSourceImages`
GET `/deviceManagement/virtualEndpoint/galleryImages`
GET `/deviceManagement/virtualEndpoint/galleryImages/{id}`
GET `/deviceManagement/virtualEndpoint/onPremisesConnections`
GET `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}`
GET `/deviceManagement/virtualEndpoint/provisioningPolicies`
GET `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}`
GET `/deviceManagement/virtualEndpoint/userSettings`
GET `/deviceManagement/virtualEndpoint/userSettings/{id}`
GET `/me/cloudPCs`
GET `/me/cloudPCs/{cloudPCId}/retrieveCloudPcLaunchDetail`
GET `/users/{userId}/cloudPCs/{id}/retrieveCloudPcLaunchDetail`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/endGracePeriod`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/reboot`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/rename`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/troubleshoot`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{id}/resize`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{id}/restore`
POST `/deviceManagement/virtualEndpoint/deviceImages`
POST `/deviceManagement/virtualEndpoint/onPremisesConnections`
POST `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}/runHealthChecks`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/assign`
POST `/deviceManagement/virtualEndpoint/report/retrieveCloudPcRecommendationReports`
POST `/deviceManagement/virtualEndpoint/userSettings`
POST `/deviceManagement/virtualEndpoint/userSettings/{id}/assign`
POST `/me/cloudPCs/{id}/reprovision`
POST `/users/{userId}/cloudPCs/{id}/reprovision`
PATCH `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}`
PATCH `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}`
PATCH `/deviceManagement/virtualEndpoint/userSettings/{id}`
DELETE `/deviceManagement/virtualEndpoint/deviceImages/{id}`
DELETE `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}`
DELETE `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}`
DELETE `/deviceManagement/virtualEndpoint/userSettings/{id}`

Methods
GET `/deviceManagement/monitoring/alertRecords`
GET `/deviceManagement/monitoring/alertRecords/{alertRecordId}`
GET `/deviceManagement/monitoring/alertRecords/getPortalNotifications`
GET `/deviceManagement/monitoring/alertRules`
GET `/deviceManagement/monitoring/alertRules/{alertRuleId}`
GET `/deviceManagement/virtualEndpoint/auditEvents`
GET `/deviceManagement/virtualEndpoint/auditEvents/{id}`
GET `/deviceManagement/virtualEndpoint/auditEvents/getAuditActivityTypes`
GET `/deviceManagement/virtualEndpoint/bulkActions`
GET `/deviceManagement/virtualEndpoint/bulkActions/{cloudPcBulkActionId}`
GET `/deviceManagement/virtualEndpoint/cloudApps/{id}`
GET `/deviceManagement/virtualEndpoint/cloudPCs`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/retrieveFrontlineCloudPcDetail`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/retrieveReviewStatus`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/retrieveSnapshots`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{id}/getCloudPcConnectivityHistory`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{id}/getSupportedCloudPcRemoteActions`
GET `/deviceManagement/virtualEndpoint/cloudPCs/{id}/retrieveCloudPcRemoteActionResults`
GET `/deviceManagement/virtualEndpoint/cloudPCs/getProvisionedCloudPCs(groupId='{groupId}',servicePlanId='{servicePlanId}')`
GET `/deviceManagement/virtualEndpoint/cloudPCs/retrieveCloudPcCountByStatus?customFilter={customFilter}`
GET `/deviceManagement/virtualEndpoint/crossCloudGovernmentOrganizationMapping`
GET `/deviceManagement/virtualEndpoint/deviceImages`
GET `/deviceManagement/virtualEndpoint/deviceImages/{id}`
GET `/deviceManagement/virtualEndpoint/deviceImages/getSourceImages`
GET `/deviceManagement/virtualEndpoint/externalPartners`
GET `/deviceManagement/virtualEndpoint/externalPartners/{cloudPcExternalPartnerId}`
GET `/deviceManagement/virtualEndpoint/externalPartnerSettings`
GET `/deviceManagement/virtualEndpoint/externalPartnerSettings/{cloudPcExternalPartnerSettingId}`
GET `/deviceManagement/virtualEndpoint/frontLineServicePlans`
GET `/deviceManagement/virtualEndpoint/frontLineServicePlans/{cloudPcFrontLineServicePlanId}`
GET `/deviceManagement/virtualEndpoint/galleryImages`
GET `/deviceManagement/virtualEndpoint/galleryImages/{id}`
GET `/deviceManagement/virtualEndpoint/getEffectivePermissions`
GET `/deviceManagement/virtualEndpoint/managedLicenses`
GET `/deviceManagement/virtualEndpoint/onPremisesConnections`
GET `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}`
GET `/deviceManagement/virtualEndpoint/organizationSettings`
GET `/deviceManagement/virtualEndpoint/provisioningPolicies`
GET `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}`
GET `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/retrievePolicyApplyActionResult`
GET `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/retrievePolicyApplySchedule`
GET `/deviceManagement/virtualEndpoint/reports/exportJobs/{cloudPcExportJobId}`
GET `/deviceManagement/virtualEndpoint/reports/getRealTimeRemoteConnectionLatency(cloudPcId='id')`
GET `/deviceManagement/virtualEndpoint/reports/getRealTimeRemoteConnectionStatus(cloudPcId='id')`
GET `/deviceManagement/virtualEndpoint/retrieveScopedPermissions`
GET `/deviceManagement/virtualEndpoint/servicePlans`
GET `/deviceManagement/virtualEndpoint/snapshots/getStorageAccounts(subscriptionId='{subscriptionId}')`
GET `/deviceManagement/virtualEndpoint/snapshots/getSubscriptions`
GET `/deviceManagement/virtualEndpoint/snapshots/retrieveSnapshotImportResult(snapshotId='{snapshotId}')`
GET `/deviceManagement/virtualEndpoint/supportedRegions`
GET `/deviceManagement/virtualEndpoint/userSettings`
GET `/deviceManagement/virtualEndpoint/userSettings/{id}`
GET `/me/cloudPCs`
GET `/me/cloudPCs/{cloudPCId}/getCloudPcLaunchInfo`
GET `/me/cloudPCs/{cloudPCId}/getFrontlineCloudPcAccessState`
GET `/me/cloudPCs/{cloudPCId}/retrieveCloudPcLaunchDetail`
GET `/me/cloudPCs/{id}`
GET `/roleManagement/cloudPc/roleAssignments`
GET `/roleManagement/cloudPC/roleAssignments/{id}`
GET `/roleManagement/cloudPC/roleDefinitions`
GET `/roleManagement/cloudPC/roleDefinitions/{id}`
GET `/tenantRelationships/managedTenants/cloudPcConnections`
GET `/tenantRelationships/managedTenants/cloudPcConnections/{cloudPcConnectionId}`
GET `/tenantRelationships/managedTenants/cloudPcDevices`
GET `/tenantRelationships/managedTenants/cloudPcDevices/{cloudPcDeviceId}`
GET `/tenantRelationships/managedTenants/cloudPcsOverview`
GET `/tenantRelationships/managedTenants/cloudPcsOverview/{cloudPcOverviewId}`
GET `/users/{userId}/cloudPCs/{id}`
GET `/users/{userId}/cloudPCs/{id}/getCloudPcLaunchInfo`
GET `/users/{userId}/cloudPCs/{id}/retrieveCloudPcLaunchDetail`
POST `/deviceManagement/monitoring/alertRecords/{alertRecordId}/setPortalNotificationAsSent`
POST `/deviceManagement/monitoring/alertRecords/changeAlertRecordsPortalNotificationAsSent`
POST `/deviceManagement/monitoring/alertRules`
POST `/deviceManagement/virtualEndpoint/bulkAction/{id}/retry`
POST `/deviceManagement/virtualEndpoint/bulkActions`
POST `/deviceManagement/virtualEndpoint/cloudApps/publish`
POST `/deviceManagement/virtualEndpoint/cloudApps/reset`
POST `/deviceManagement/virtualEndpoint/cloudApps/retrieveDiscoveredApps(sourceId={value},provisioningPolicyId={value})`
POST `/deviceManagement/virtualEndpoint/cloudApps/unpublish`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/changeUserAccountType`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/poweroff`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/poweron`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{cloudPCId}/setReviewStatus`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{id}/createSnapshot`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{id}/resize`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{id}/restore`
POST `/deviceManagement/virtualEndpoint/cloudPCs/{id}/retryPartnerAgentInstallation`
POST `/deviceManagement/virtualEndpoint/cloudPCs/4b18de4b-ab05-4059-8c61-0323a7df4ced/endGracePeriod`
POST `/deviceManagement/virtualEndpoint/cloudPCs/validateBulkResize`
POST `/deviceManagement/virtualEndpoint/crossCloudGovernmentOrganizationMapping`
POST `/deviceManagement/virtualEndpoint/deviceImages`
POST `/deviceManagement/virtualEndpoint/deviceImages/{cloudPcDeviceImageId}/reupload`
POST `/deviceManagement/virtualEndpoint/externalPartners`
POST `/deviceManagement/virtualEndpoint/externalPartnerSettings`
POST `/deviceManagement/virtualEndpoint/onPremisesConnections`
POST `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}/runHealthChecks`
POST `/deviceManagement/virtualEndpoint/onPremisesConnections/{Id}/UpdateAdDomainPassword`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/apply`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/assign`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/assignments/{assignment_id}/cloudPCUserSettingsPersistence/batchCleanupUserSettingsPersistenceProfile`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}/schedulePolicyApplyTask`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/{provisioningPolicyId}/retry`
POST `/deviceManagement/virtualEndpoint/provisioningPolicies/applyConfig`
POST `/deviceManagement/virtualEndpoint/report/retrieveCloudPcClientAppUsageReport`
POST `/deviceManagement/virtualEndpoint/report/retrieveCloudPcRecommendationReports`
POST `/deviceManagement/virtualEndpoint/reports/exportJobs`
POST `/deviceManagement/virtualEndpoint/reports/getActionStatusReports`
POST `/deviceManagement/virtualEndpoint/reports/getCloudPCPerformanceReport`
POST `/deviceManagement/virtualEndpoint/reports/getCloudPcRecommendationReports`
POST `/deviceManagement/virtualEndpoint/reports/getConnectionQualityReports`
POST `/deviceManagement/virtualEndpoint/reports/getDailyAggregatedRemoteConnectionReports`
POST `/deviceManagement/virtualEndpoint/reports/getFrontlineReport`
POST `/deviceManagement/virtualEndpoint/reports/getInaccessibleCloudPcReports`
POST `/deviceManagement/virtualEndpoint/reports/getRawRemoteConnectionReports`
POST `/deviceManagement/virtualEndpoint/reports/getRemoteConnectionHistoricalReports`
POST `/deviceManagement/virtualEndpoint/reports/getSharedUseLicenseUsageReport`
POST `/deviceManagement/virtualEndpoint/reports/getTotalAggregatedRemoteConnectionReports`
POST `/deviceManagement/virtualEndpoint/reports/retrieveBulkActionStatusReport`
POST `/deviceManagement/virtualEndpoint/reports/retrieveCloudPcRecommendationReports`
POST `/deviceManagement/virtualEndpoint/reports/retrieveCloudPcTenantMetricsReport`
POST `/deviceManagement/virtualEndpoint/reports/retrieveCloudPcTroubleshootReports`
POST `/deviceManagement/virtualEndpoint/reports/retrieveCrossRegionDisasterRecoveryReport`
POST `/deviceManagement/virtualEndpoint/snapshots/importSnapshot`
POST `/deviceManagement/virtualEndpoint/snapshots/purgeImportedSnapshot`
POST `/deviceManagement/virtualEndpoint/userSettings`
POST `/deviceManagement/virtualEndpoint/userSettings/{id}/assign`
POST `/me/cloudPCs/{cloudPCId}/reboot`
POST `/me/cloudPCs/{cloudPCId}/rename`
POST `/me/cloudPCs/{cloudPCId}/start`
POST `/me/cloudPCs/{cloudPCId}/stop`
POST `/me/cloudPCs/{cloudPCId}/troubleshoot`
POST `/me/cloudPCs/{id}/reprovision`
POST `/roleManagement/cloudPC/roleAssignments`
POST `/roleManagement/deviceManagement/roleDefinitions`
POST `/users/{userId}/cloudPCs/{cloudPCId}/reboot`
POST `/users/{userId}/cloudPCs/{cloudPCId}/rename`
POST `/users/{userId}/cloudPCs/{cloudPCId}/troubleshoot`
POST `/users/{userId}/cloudPCs/{id}/reprovision`
POST `/users/{userId}/cloudPCs/{id}/start`
POST `/users/{userId}/cloudPCs/{id}/stop`
PATCH `/deviceManagement/monitoring/alertRules/{alertRuleId}`
PATCH `/deviceManagement/virtualEndpoint/cloudApps/{id}`
PATCH `/deviceManagement/virtualEndpoint/externalPartners/{cloudPcExternalPartnerId}`
PATCH `/deviceManagement/virtualEndpoint/externalPartnerSettings/{cloudPcExternalPartnerSettingId}`
PATCH `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}`
PATCH `/deviceManagement/virtualEndpoint/organizationSettings`
PATCH `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}`
PATCH `/deviceManagement/virtualEndpoint/userSettings/{id}`
PATCH `/roleManagement/cloudPC/roleAssignments/{id}`
PATCH `/roleManagement/deviceManagement/roleDefinitions/{id}`
DELETE `/deviceManagement/virtualEndpoint/deviceImages/{id}`
DELETE `/deviceManagement/virtualEndpoint/onPremisesConnections/{id}`
DELETE `/deviceManagement/virtualEndpoint/provisioningPolicies/{id}`
DELETE `/deviceManagement/virtualEndpoint/userSettings/{id}`
DELETE `/roleManagement/cloudPC/roleAssignments/{id}`
DELETE `/roleManagement/deviceManagement/roleDefinitions/{id}`

Commands
`Get-MgDeviceManagementVirtualEndpointAuditEvent`
`Get-MgDeviceManagementVirtualEndpointAuditEventAuditActivityType`
`Get-MgDeviceManagementVirtualEndpointCloudPc`
`Get-MgDeviceManagementVirtualEndpointDeviceImage`
`Get-MgDeviceManagementVirtualEndpointDeviceImageSourceImage`
`Get-MgDeviceManagementVirtualEndpointGalleryImage`
`Get-MgDeviceManagementVirtualEndpointOnPremiseConnection`
`Get-MgDeviceManagementVirtualEndpointProvisioningPolicy`
`Get-MgDeviceManagementVirtualEndpointUserSetting`
`Invoke-MgTroubleshootDeviceManagementVirtualEndpointCloudPc`
`New-MgDeviceManagementVirtualEndpointDeviceImage`
`New-MgDeviceManagementVirtualEndpointOnPremiseConnection`
`New-MgDeviceManagementVirtualEndpointProvisioningPolicy`
`New-MgDeviceManagementVirtualEndpointUserSetting`
`Remove-MgDeviceManagementVirtualEndpointDeviceImage`
`Remove-MgDeviceManagementVirtualEndpointOnPremiseConnection`
`Remove-MgDeviceManagementVirtualEndpointProvisioningPolicy`
`Remove-MgDeviceManagementVirtualEndpointUserSetting`
`Rename-MgDeviceManagementVirtualEndpointCloudPc`
`Resize-MgDeviceManagementVirtualEndpointCloudPc`
`Restart-MgDeviceManagementVirtualEndpointCloudPc`
`Restore-MgDeviceManagementVirtualEndpointCloudPc`
`Set-MgDeviceManagementVirtualEndpointProvisioningPolicy`
`Set-MgDeviceManagementVirtualEndpointUserSetting`
`Start-MgDeviceManagementVirtualEndpointOnPremiseConnectionHealthCheck`
`Stop-MgDeviceManagementVirtualEndpointCloudPcGracePeriod`
`Update-MgDeviceManagementVirtualEndpointOnPremiseConnection`
`Update-MgDeviceManagementVirtualEndpointProvisioningPolicy`
`Update-MgDeviceManagementVirtualEndpointUserSetting`

Commands
`Get-MgBetaDeviceManagementMonitoringAlertRecord`
`Get-MgBetaDeviceManagementMonitoringAlertRecordPortalNotification`
`Get-MgBetaDeviceManagementMonitoringAlertRule`
`Get-MgBetaDeviceManagementVirtualEndpointAuditEvent`
`Get-MgBetaDeviceManagementVirtualEndpointBulkAction`
`Get-MgBetaDeviceManagementVirtualEndpointCloudPc`
`Get-MgBetaDeviceManagementVirtualEndpointCrossCloudGovernmentOrganizationMapping`
`Get-MgBetaDeviceManagementVirtualEndpointDeviceImage`
`Get-MgBetaDeviceManagementVirtualEndpointExternalPartnerSetting`
`Get-MgBetaDeviceManagementVirtualEndpointFrontLineServicePlan`
`Get-MgBetaDeviceManagementVirtualEndpointGalleryImage`
`Get-MgBetaDeviceManagementVirtualEndpointOnPremiseConnection`
`Get-MgBetaDeviceManagementVirtualEndpointOrganizationSetting`
`Get-MgBetaDeviceManagementVirtualEndpointProvisioningPolicy`
`Get-MgBetaDeviceManagementVirtualEndpointReportExportJob`
`Get-MgBetaDeviceManagementVirtualEndpointServicePlan`
`Get-MgBetaDeviceManagementVirtualEndpointSnapshot`
`Get-MgBetaDeviceManagementVirtualEndpointSupportedRegion`
`Get-MgBetaDeviceManagementVirtualEndpointUserSetting`
`Get-MgBetaRoleManagementCloudPcRoleAssignment`
`Get-MgBetaRoleManagementDirectoryRoleDefinition`
`Get-MgBetaRoleManagementExchangeRoleDefinition`
`Get-MgBetaTenantRelationshipManagedTenantCloudPcConnection`
`Get-MgBetaTenantRelationshipManagedTenantCloudPcDevice`
`Get-MgBetaTenantRelationshipManagedTenantCloudPcOverview`
`New-MgBetaDeviceManagementMonitoringAlertRule`
`New-MgBetaDeviceManagementVirtualEndpointBulkAction`
`New-MgBetaDeviceManagementVirtualEndpointDeviceImage`
`New-MgBetaDeviceManagementVirtualEndpointExternalPartnerSetting`
`New-MgBetaDeviceManagementVirtualEndpointOnPremiseConnection`
`New-MgBetaDeviceManagementVirtualEndpointProvisioningPolicy`
`New-MgBetaDeviceManagementVirtualEndpointReportExportJob`
`New-MgBetaDeviceManagementVirtualEndpointUserSetting`
`New-MgBetaRoleManagementCloudPcRoleAssignment`
`New-MgBetaRoleManagementCloudPcRoleDefinition`
`Remove-MgBetaDeviceManagementVirtualEndpointDeviceImage`
`Remove-MgBetaDeviceManagementVirtualEndpointOnPremiseConnection`
`Remove-MgBetaDeviceManagementVirtualEndpointProvisioningPolicy`
`Remove-MgBetaDeviceManagementVirtualEndpointUserSetting`
`Remove-MgBetaRoleManagementCloudPcRoleAssignment`
`Remove-MgBetaRoleManagementCloudPcRoleDefinition`
`Rename-MgBetaDeviceManagementMonitoringAlertRecordPortalNotificationAsSent`
`Set-MgBetaDeviceManagementMonitoringAlertRecordPortalNotificationAsSent`
`Update-MgBetaDeviceManagementMonitoringAlertRule`
`Update-MgBetaDeviceManagementVirtualEndpointExternalPartnerSetting`
`Update-MgBetaDeviceManagementVirtualEndpointOnPremiseConnection`
`Update-MgBetaDeviceManagementVirtualEndpointOrganizationSetting`
`Update-MgBetaDeviceManagementVirtualEndpointProvisioningPolicy`
`Update-MgBetaDeviceManagementVirtualEndpointUserSetting`
`Update-MgBetaRoleManagementCloudPcRoleAssignment`
`Update-MgBetaRoleManagementCloudPcRoleDefinition`

Code Examples

C# / .NET SDK

// Install: dotnet add package Microsoft.Graph
// Install: dotnet add package Azure.Identity
using Microsoft.Graph;
using Azure.Identity;

// Delegated permissions - interactive user sign-in
var scopes = new[] { "CloudPC.ReadWrite.All" };
var options = new InteractiveBrowserCredentialOptions
{
    ClientId = "YOUR_CLIENT_ID",
    TenantId = "YOUR_TENANT_ID",
    RedirectUri = new Uri("http://localhost")
};
var credential = new InteractiveBrowserCredential(options);
var graphClient = new GraphServiceClient(credential, scopes);

// Example: GET /me
var result = await graphClient.Me.GetAsync();
Console.WriteLine($"User: {result?.DisplayName}");

// Application permissions - daemon/service app
var tenantId = "YOUR_TENANT_ID";
var clientId = "YOUR_CLIENT_ID";
var clientSecret = "YOUR_CLIENT_SECRET";

var credential = new ClientSecretCredential(tenantId, clientId, clientSecret);
var graphClient = new GraphServiceClient(credential);

// Example: GET /users/{user-id}
var users = await graphClient.Users.GetAsync();
foreach (var user in users?.Value ?? [])
{
    Console.WriteLine($"User: {user.DisplayName}");
}

JavaScript / TypeScript

// npm install @azure/msal-browser @microsoft/microsoft-graph-client
import { PublicClientApplication } from "@azure/msal-browser";
import { Client } from "@microsoft/microsoft-graph-client";
import { AuthCodeMSALBrowserAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/authCodeMsalBrowser";

const msalConfig = {
    auth: {
        clientId: "YOUR_CLIENT_ID",
        authority: "https://login.microsoftonline.com/YOUR_TENANT_ID"
    }
};

const pca = new PublicClientApplication(msalConfig);
await pca.initialize();

// Delegated: Login with required scope
const loginResponse = await pca.loginPopup({
    scopes: ["CloudPC.ReadWrite.All"]
});

const authProvider = new AuthCodeMSALBrowserAuthenticationProvider(pca, {
    account: loginResponse.account,
    scopes: ["CloudPC.ReadWrite.All"],
    interactionType: "popup"
});

const graphClient = Client.initWithMiddleware({ authProvider });

// Example: GET /me
const result = await graphClient.api("/me").get();
console.log(result);

// Application: Use client credentials (Node.js backend only)
// npm install @azure/identity @microsoft/microsoft-graph-client
import { ClientSecretCredential } from "@azure/identity";
import { TokenCredentialAuthenticationProvider } from 
    "@microsoft/microsoft-graph-client/authProviders/azureTokenCredentials";

const credential = new ClientSecretCredential(
    "YOUR_TENANT_ID",
    "YOUR_CLIENT_ID", 
    "YOUR_CLIENT_SECRET"
);

const authProvider = new TokenCredentialAuthenticationProvider(credential, {
    scopes: ["https://graph.microsoft.com/.default"]
});

const graphClient = Client.initWithMiddleware({ authProvider });
const result = await graphClient.api("/users").get();
console.log(result);

PowerShell

# Install Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Scope CurrentUser

# Delegated access - interactive sign-in
Connect-MgGraph -Scopes "CloudPC.ReadWrite.All"

# Verify connection
Get-MgContext | Select-Object Account, TenantId, Scopes

# Example: GET /me
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/me"
$result | ConvertTo-Json -Depth 5

# Application access with certificate
$params = @{
    ClientId = "YOUR_CLIENT_ID"
    TenantId = "YOUR_TENANT_ID"
    CertificateThumbprint = "YOUR_CERT_THUMBPRINT"
}
Connect-MgGraph @params

# Or with client secret (not recommended for production)
# Connect-MgGraph -ClientSecretCredential $credential

# Example: GET /users
$result = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/users"
$result | ConvertTo-Json -Depth 5

# Always disconnect when done
Disconnect-MgGraph

Python

# pip install msgraph-sdk azure-identity
from azure.identity import InteractiveBrowserCredential, ClientSecretCredential
from msgraph import GraphServiceClient
import asyncio

# Delegated permissions - interactive browser sign-in
credential = InteractiveBrowserCredential(
    client_id="YOUR_CLIENT_ID",
    tenant_id="YOUR_TENANT_ID"
)
scopes = ["CloudPC.ReadWrite.All"]
client = GraphServiceClient(credential, scopes)

async def get_data():
    # Example: GET /me
    result = await client.me.get()
    print(f"User: {result.display_name}")
    return result

asyncio.run(get_data())

# Application permissions - client credentials
credential = ClientSecretCredential(
    tenant_id="YOUR_TENANT_ID",
    client_id="YOUR_CLIENT_ID",
    client_secret="YOUR_CLIENT_SECRET"
)
scopes = ["https://graph.microsoft.com/.default"]
client = GraphServiceClient(credential, scopes)

async def get_users():
    # Example: GET /users
    result = await client.users.get()
    for user in result.value:
        print(f"User: {user.display_name}")
    return result

asyncio.run(get_users())

App Registration

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

Select Permission Type

Choose Application permissions or Delegated permissions and search for CloudPC.ReadWrite.All

Grant Admin Consent

Application permissions always require admin consent. Click "Grant admin consent" in the Azure portal.