OrganizationalBranding.Read.All
Export JSON
Export CSV
Copy URL
Print
ApplicationDelegated
Read
All Resources
Allows the app to read the organizational branding information, without a signed-in user.
Permission data: April 6, 2026 at 4:06 AM UTC
Delegated Access
App-Only Access
Permission Details
Application Permission
Read organizational branding information
Allows the app to read the organizational branding information, without a signed-in user.
Permission ID:
eb76ac34-0d62-4454-b97c-185e4250dc20
Delegated Permission
Admin consent required
Read organizational branding information
Allows the app to read the organizational branding information, on behalf of the signed-in user.
User sees: Allows the app to read the organizational branding information, on your behalf.
Permission ID:
9082f138-6f02-4f3a-9f4d-5f3c2ce5c688
Properties
Microsoft Graph v1.0
exact-category-docs
Properties is shown from stable Microsoft Graph v1.0 metadata.
| Property | Type | Description |
|---|---|---|
backgroundColor |
StringNullable |
Color that will appear in place of the background image in low-bandwidth connections. We recommend that you use the primary color of your banner logo or your organization color. Specify this in hexadecimal format, for example, white is FFFFFF. Inherited from organizationalBrandingProperties. |
backgroundImage |
StreamNullable |
Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. Inherited from organizationalBrandingProperties. Returned only on $select. |
backgroundImageRelativeUrl |
StringNullable |
A relative URL for the backgroundImage property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
bannerLogo |
StreamNullable |
A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG no larger than 245 x 36 pixels. We recommend using a transparent image with no padding around the logo. Inherited from organizationalBrandingProperties. Returned only on $select. |
bannerLogoRelativeUrl |
StringNullable |
A relative url for the bannerLogo property that is combined with a CDN base URL from the cdnList to provide the read-only version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
cdnList |
String collection |
A list of base URLs for all available CDN providers that are serving the assets of the current resource. Several CDN providers are used at the same time for high availability of read requests. Read-only. Inherited from organizationalBrandingProperties. |
contentCustomization |
contentCustomization |
Represents the content options to be customized throughout the authentication flow for a tenant. , , NOTE: Supported by Microsoft Entra External ID in external tenants only. |
customAccountResetCredentialsUrl |
StringNullable |
A custom URL for resetting account credentials. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. Inherited from organizationalBrandingProperties. |
customCannotAccessYourAccountText |
StringNullable |
A string to replace the default "Can't access your account?" self-service password reset (SSPR) hyperlink text on the sign-in page. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
customCannotAccessYourAccountUrl |
StringNullable |
A custom URL to replace the default URL of the self-service password reset (SSPR) "Can't access your account?" hyperlink on the sign-in page. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. , , DO NOT USE. Use customAccountResetCredentialsUrl instead. Inherited from organizationalBrandingProperties. |
customCSS |
StreamNullable |
CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25KB. Inherited from organizationalBrandingProperties. |
customCSSRelativeUrl |
StringNullable |
A relative URL for the customCSS property that is combined with a CDN base URL from the cdnList to provide the version served by a CDN. Read-only. Inherited from organizationalBrandingProperties. |
customForgotMyPasswordText |
StringNullable |
A string to replace the default "Forgot my password" hyperlink text on the sign-in form. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
customPrivacyAndCookiesText |
StringNullable |
A string to replace the default "Privacy and Cookies" hyperlink text in the footer. This text must be in Unicode format and not exceed 256 characters. Inherited from organizationalBrandingProperties. |
customPrivacyAndCookiesUrl |
StringNullable |
A custom URL to replace the default URL of the "Privacy and Cookies" hyperlink in the footer. This URL must be in ASCII format or non-ASCII characters must be URL encoded, and not exceed 128 characters. Inherited from organizationalBrandingProperties. |
Showing 15 of 33 properties.
JSON Representation
Microsoft Graph v1.0
exact-category-docs
JSON representation is shown from stable Microsoft Graph v1.0 metadata.
JSON representation
{
"@odata.type": "#microsoft.graph.organizationalBranding",
"id": "String (identifier)",
"backgroundColor": "String",
"backgroundImage": "Stream",
"backgroundImageRelativeUrl": "String",
"bannerLogo": "Stream",
"bannerLogoRelativeUrl": "String",
"cdnList": [
"String"
],
"contentCustomization": {
"@odata.type": "microsoft.graph.contentCustomization"
},
"signInPageText": "String",
"squareLogo": "Stream",
"squareLogoRelativeUrl": "String",
"squareLogoDark": "Stream",
"squareLogoDarkRelativeUrl": "String",
"usernameHintText": "String",
"customAccountResetCredentialsUrl": "String",
"customCannotAccessYourAccountText": "String",
"customCannotAccessYourAccountUrl": "String",
"customCSS": "Stream",
"customCSSRelativeUrl": "String",
"customForgotMyPasswordText": "String",
"customPrivacyAndCookiesText": "String",
"customPrivacyAndCookiesUrl": "String",
"customResetItNowText": "String",
"customTermsOfUseText": "String",
"customTermsOfUseUrl": "String",
"favicon": "Stream",
"faviconRelativeUrl": "String",
"headerBackgroundColor": "String",
"headerLogo": "Stream",
"headerLogoRelativeUrl": "String",
"loginPageLayoutConfiguration": {
"@odata.type": "microsoft.graph.loginPageLayoutConfiguration"
},
"loginPageTextVisibilitySettings": {
"@odata.type": "microsoft.graph.loginPageTextVisibilitySettings"
}
}Relationships
Microsoft Graph v1.0
exact-category-docs
Relationships is shown from stable Microsoft Graph v1.0 metadata.
| Relationship | Type | Description |
|---|---|---|
localizations |
organizationalBrandingLocalization collection |
Add different branding based on a locale. |
cdnList |
string collection |
A list of base URLs for all available CDN providers that are serving the assets of the current resource. Several CDN providers are used at the same time for high availability of read requests. Read-only. |
themes |
organizationalBrandingTheme collection |
Collection of branding themes for the tenant. |
Graph Methods
Delegated access
App-only access
Exact Microsoft Learn match
Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
Exact Microsoft Learn match
Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
Exact Microsoft Learn PowerShell match
Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
Exact Microsoft Learn PowerShell match
Microsoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
Code Examples
C# / .NET SDK
Get organizationalBranding
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Organization["{organization-id}"].Branding.GetAsync((requestConfiguration) =>
{
requestConfiguration.Headers.Add("Accept-Language", "0");
});
JavaScript
Get organizationalBranding
const options = {
authProvider,
};
const client = Client.init(options);
let organizationalBranding = await client.api('/organization/dcd219dd-bc68-4b9b-bf0b-4a33a796be35/branding')
.header('Accept-Language','0')
.get();
PowerShell
Get organizationalBranding
Import-Module Microsoft.Graph.Identity.DirectoryManagement
Get-MgOrganizationBranding -OrganizationId $organizationId
Python
Get organizationalBranding
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.organization.item.branding.branding_request_builder import BrandingRequestBuilder
from kiota_abstractions.base_request_configuration import RequestConfiguration
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_configuration = RequestConfiguration()
request_configuration.headers.add("Accept-Language", "0")
result = await graph_client.organization.by_organization_id('organization-id').branding.get(request_configuration = request_configuration)App Registration
1
Navigate to Azure Portal
Go to App registrations in Microsoft Entra admin center
2
Add API Permission
Select your app → API permissions → Add a permission → Microsoft Graph
3
Select Permission Type
Choose Application permissions or delegated permissions and search for OrganizationalBranding.Read.All
4
Grant Admin Consent
Application permissions always require admin consent.