OnPremDirectorySynchronization.Read.All

Permission Details

Application Permission

Read all on-premises directory synchronization information

Allows the app to read all on-premises directory synchronization information for the organization, without a signed-in user.

Permission ID: bb70e231-92dc-4729-aff5-697b3f04be95

Delegated Permission

Read all on-premises directory synchronization information

Allows the app to read all on-premises directory synchronization information for the organization, on behalf of the signed-in user.

Permission ID: f6609722-4100-44eb-b747-e6ca0536989d

Properties

Microsoft Graph v1.0 endpoint-derived-docs

Properties is shown from stable Microsoft Graph v1.0 metadata.

Property	Type	Description
`id`	`String`	A unique identifier for the object; for example, 12345678-9abc-def0-1234-56789abcde. Key. Not nullable. Read-only. Inherited from entity.
`administrativeUnits`	`administrativeUnit collection`	Conceptual container for user and group directory objects.
`attributeSets`	`attributeSet collection`	Group of related custom security attribute definitions.
`customSecurityAttributeDefinitions`	`customSecurityAttributeDefinition collection`	Schema of a custom security attributes (key-value pairs).
`deletedItems`	`directoryObject collection`	Recently deleted items. Read-only. Nullable.
`deviceLocalCredentials`	`deviceLocalCredentialInfo collection`	The credentials of the device's local administrator account backed up to Microsoft Entra ID.
`federationConfigurations`	`identityProviderBase collection`	Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol.
`onPremisesSynchronization`	`onPremisesDirectorySynchronization collection`	A container for on-premises directory synchronization functionalities that are available for the organization.
`publicKeyInfrastructure`	`object`	The collection of public key infrastructure instances for the certificate-based authentication feature for users in a Microsoft Entra tenant.
`subscriptions`	`companySubscription collection`	List of commercial subscriptions that an organization acquired.

JSON Representation

Microsoft Graph v1.0 endpoint-derived-docs

JSON representation is shown from stable Microsoft Graph v1.0 metadata.

JSON representation

{
  "@odata.type": "#microsoft.graph.directory"
}

Relationships

Microsoft Graph v1.0 endpoint-derived-docs

Relationships is shown from stable Microsoft Graph v1.0 metadata.

Relationship	Type	Description
`administrativeUnits`	`administrativeUnit collection`	Conceptual container for user and group directory objects.
`attributeSets`	`attributeSet collection`	Group of related custom security attribute definitions.
`customSecurityAttributeDefinitions`	`customSecurityAttributeDefinition collection`	Schema of a custom security attributes (key-value pairs).
`deletedItems`	`directoryObject collection`	Recently deleted items. Read-only. Nullable.
`deviceLocalCredentials`	`deviceLocalCredential collection`	The credentials of the device's local administrator account backed up to Microsoft Entra ID.
`federationConfigurations`	`identityProviderBase collection`	Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol.
`onPremisesSynchronization`	`onPremisesDirectorySynchronization`	A container for on-premises directory synchronization functionalities that are available for the organization.
`publicKeyInfrastructure`	`publicKeyInfrastructureRoot`	The collection of public key infrastructure instances for the certificate-based authentication feature for users in a Microsoft Entra tenant.
`subscriptions`	`companySubscription collection`	List of commercial subscriptions that an organization acquired.
`externalUserProfiles`	`externalUserProfile collection`	Collection of external user profiles that represent collaborators in the directory.
`featureRolloutPolicies`	`featureRolloutPolicy collection`	Related featureRolloutPolicies data exposed by this resource.
`impactedResources`	`impactedResource collection`	Related impactedResources data exposed by this resource.
`inboundSharedUserProfiles`	`inboundSharedUserProfile collection`	A collection of external users whose profile data is shared with the Microsoft Entra tenant. Nullable.
`outboundSharedUserProfiles`	`outboundSharedUserProfile collection`	Related outboundSharedUserProfiles data exposed by this resource.
`pendingExternalUserProfiles`	`pendingExternalUserProfile collection`	Collection of pending external user profiles representing collaborators in the directory that are unredeemed.
`recommendations`	`recommendation collection`	List of recommended improvements to improve tenant posture.
`sharedEmailDomains`	`sharedEmailDomain collection`	Related sharedEmailDomains data exposed by this resource.

Graph Methods

Delegated access App-only access

Exact Microsoft Learn match

Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.

Methods
GET `/directory/onPremisesSynchronization`

Exact Microsoft Learn match

Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.

Methods
GET `/directory/onPremisesSynchronization`

Exact Microsoft Learn PowerShell match

Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.

Commands
`Get-MgDirectoryOnPremiseSynchronization` /directory/onPremisesSynchronization Get onPremisesDirectorySynchronization

Exact Microsoft Learn PowerShell match

Microsoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.

Commands
`Get-MgBetaDirectoryOnPremiseSynchronization` /directory/onPremisesSynchronization Get onPremisesDirectorySynchronization

Code Examples

C# / .NET SDK

Get onPremisesDirectorySynchronization

View official example on Microsoft Learn

// Code snippets are only available for the latest version. Current version is 5.x

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.OnPremisesSynchronization["{onPremisesDirectorySynchronization-id}"].GetAsync();

JavaScript

Get onPremisesDirectorySynchronization

View official example on Microsoft Learn

const options = {
	authProvider,
};

const client = Client.init(options);

let onPremisesDirectorySynchronization = await client.api('/directory/onPremisesSynchronization/{id}')
	.get();

PowerShell

Get onPremisesDirectorySynchronization

View official example on Microsoft Learn

Import-Module Microsoft.Graph.Identity.DirectoryManagement

Get-MgDirectoryOnPremiseSynchronization -OnPremisesDirectorySynchronizationId $onPremisesDirectorySynchronizationId

Python

Get onPremisesDirectorySynchronization

View official example on Microsoft Learn

# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python

result = await graph_client.directory.on_premises_synchronization.by_on_premises_directory_synchronization_id('onPremisesDirectorySynchronization-id').get()

App Registration

1

Navigate to Azure Portal

Go to App registrations in Microsoft Entra admin center

2

Add API Permission

Select your app → API permissions → Add a permission → Microsoft Graph

3

Select Permission Type

Choose Application permissions or delegated permissions and search for OnPremDirectorySynchronization.Read.All

4

Grant Admin Consent

Application permissions always require admin consent.