Policy.ReadWrite.B2BManagementPolicy
Allows the app to read and write all your organization's B2BManagement policies without a signed in user.
Permission Details
| Type | Display name | Description | ID |
|---|---|---|---|
| Application | Read and write your organization's B2BManagement policies | Allows the app to read and write all your organization's B2BManagement policies without a signed-in user. | 886bd2d9-5b8b-4b49-adea-ca75fb50d9ef |
| Delegated | Read and write your organization's B2BManagement policies | Allows the app to read and write your organization's B2BManagement policies on behalf of the signed-in user. | 723c4a0c-85b0-4a02-bb2a-c9eb07959de9 |
Properties
Properties are shown from stable Microsoft Graph v1.0 metadata.
| Property | Type | Description |
|---|---|---|
| id | String | Unique identifier of the policy. Inherited from entity. |
| activityBasedTimeoutPolicies | activityBasedTimeoutPolicy collection | The policy that controls the idle time out for web sessions for applications. |
| adminConsentRequestPolicy | object | The policy by which consent requests are created and managed for the entire tenant. |
| appManagementPolicies | appManagementPolicy collection | The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy. |
| authenticationFlowsPolicy | object | The policy configuration of the self-service sign-up experience of external users. |
| authenticationMethodsPolicy | object | The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication (MFA) in Microsoft Entra ID. |
| authenticationStrengthPolicies | authenticationStrengthPolicy collection | The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access. |
| authorizationPolicy | object | The policy that controls Microsoft Entra authorization settings. |
| claimsMappingPolicies | claimsMappingPolicy collection | The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application. |
| conditionalAccessPolicies | conditionalAccessPolicy collection | The custom rules that define an access scenario. |
| crossTenantAccessPolicy | object | The custom rules that define an access scenario when interacting with external Microsoft Entra tenants. |
| defaultAppManagementPolicy | object | The tenant-wide policy that enforces app management restrictions for all applications and service principals. |
| deviceRegistrationPolicy | object | |
| featureRolloutPolicies | featureRolloutPolicy collection | The feature rollout policy associated with a directory object. |
| homeRealmDiscoveryPolicies | homeRealmDiscoveryPolicy collection | The policy to control Microsoft Entra authentication behavior for federated users. |
Showing 15 of 21 properties.
JSON Representation
JSON representation is shown from stable Microsoft Graph v1.0 metadata.
```json
{
  "@odata.type": "#microsoft.graph.policyRoot",
  "id": "String (identifier)"
}
```
Relationships
Relationships are shown from stable Microsoft Graph v1.0 metadata.
| Relationship | Type | Description |
|---|---|---|
| activityBasedTimeoutPolicies | activityBasedTimeoutPolicy collection | The policy that controls the idle time out for web sessions for applications. |
| adminConsentRequestPolicy | adminConsentRequestPolicy | The policy by which consent requests are created and managed for the entire tenant. |
| appManagementPolicies | appManagementPolicy collection | The policies that enforce app management restrictions for specific applications and service principals, overriding the defaultAppManagementPolicy. |
| authenticationFlowsPolicy | authenticationFlowsPolicy | The policy configuration of the self-service sign-up experience of external users. |
| authenticationMethodsPolicy | authenticationMethodsPolicy | The authentication methods and the users that are allowed to use them to sign in and perform multifactor authentication (MFA) in Microsoft Entra ID. |
| authenticationStrengthPolicies | authenticationStrengthPolicy collection | The authentication method combinations that are to be used in scenarios defined by Microsoft Entra Conditional Access. |
| authorizationPolicy | authorizationPolicy collection | The policy that controls Microsoft Entra authorization settings. |
| claimsMappingPolicies | claimsMappingPolicy collection | The claim-mapping policies for WS-Fed, SAML, OAuth 2.0, and OpenID Connect protocols, for tokens issued to a specific application. |
| conditionalAccessPolicies | conditionalAccessPolicy | The custom rules that define an access scenario. |
| crossTenantAccessPolicy | crossTenantAccessPolicy | The custom rules that define an access scenario when interacting with external Microsoft Entra tenants. |
| defaultAppManagementPolicy | tenantAppManagementPolicy | The tenant-wide policy that enforces app management restrictions for all applications and service principals. |
| featureRolloutPolicies | featureRolloutPolicy collection | The feature rollout policy associated with a directory object. |
| homeRealmDiscoveryPolicies | homeRealmDiscoveryPolicy collection | The policy to control Microsoft Entra authentication behavior for federated users. |
| identitySecurityDefaultsEnforcementPolicy | identitySecurityDefaultsEnforcementPolicy | The policy that represents the security defaults that protect against common attacks. |
| permissionGrantPolicies | permissionGrantPolicy collection | The policy that specifies the conditions under which consent can be granted. |
| roleManagementPolicies | unifiedRoleManagementPolicy collection | Specifies the various policies associated with scopes and roles. |
| roleManagementPolicyAssignments | unifiedRoleManagementPolicyAssignment collection | The assignment of a role management policy to a role definition object. |
| tokenIssuancePolicies | tokenIssuancePolicy collection | The policy that specifies the characteristics of SAML tokens issued by Microsoft Entra ID. |
| tokenLifetimePolicies | tokenLifetimePolicy collection | The policy that controls the lifetime of a JWT access token, an ID token, or a SAML 1.1/2.0 token issued by Microsoft Entra ID. |
| b2bManagementPolicies | b2bManagementPolicy collection | The policy to manage Microsoft Entra B2B features in Microsoft Entra External ID for workforce tenants. |
| mobileAppManagementPolicies | mobileAppManagementPolicy collection | The policy that defines autoenrollment configuration for a mobility management (MDM or MAM) application. |
| mobileDeviceManagementPolicies | mobileDeviceManagementPolicy collection | Related mobileDeviceManagementPolicies data exposed by this resource. |
| onPremAuthenticationPolicies | onPremAuthenticationPolicy collection | The policy that controls how authentication requests from on-premises environments are managed. |
| permissionGrantPreApprovalPolicies | permissionGrantPreApprovalPolicy collection | Policies that specify the conditions under which consent can be granted to a specific application. |
| servicePrincipalCreationPolicies | servicePrincipalCreationPolicy collection | Related servicePrincipalCreationPolicies data exposed by this resource. |
Graph Methods
Microsoft Graph v1.0 endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
No API methods available for this version.
Microsoft Graph beta endpoints are mapped directly from refreshed Microsoft Learn permissions tables.
Microsoft Graph PowerShell v1.0 commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
No deterministic PowerShell command map is available for this permission.
Microsoft Graph PowerShell beta commands are mapped directly from refreshed Microsoft Learn PowerShell snippets.
Code Examples
```csharp
// Code snippets are only available for the latest version. Current version is 5.x
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
await graphClient.Policies.B2bManagementPolicies["{b2bManagementPolicy-id}"].DeleteAsync();
```

```javascript
// authProvider must be created before this snippet runs; see https://learn.microsoft.com/en-us/graph/sdks/create-client
import { Client } from '@microsoft/microsoft-graph-client';

const options = {
  authProvider,
};
const client = Client.init(options);
const b2bManagementPolicy = {
  '@odata.type': '#microsoft.graph.b2bManagementPolicy',
  deletedDateTime: null,
  description: 'Policy used for B2B features',
  displayName: 'Policy1',
  // The policy definition is sent as one string inside the array.
  definition: [
    "{'B2BManagementPolicy':{'version':1,'invitationsAllowedAndBlocked':{'AllowedDomains': ['microsoft.com', 'live.com'],'BlockedDomains': ['bing.com']}}}"
  ],
  isOrganizationDefault: true
};
// Create the policy through the beta endpoint.
await client.api('/policies/b2bManagementPolicies')
  .version('beta')
  .post(b2bManagementPolicy);
```

```powershell
Import-Module Microsoft.Graph.Beta.Identity.SignIns
Remove-MgBetaPolicyB2BManagementPolicy -B2bManagementPolicyId $b2bManagementPolicyId
```

```python
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
await graph_client.policies.b2b_management_policies.by_b2b_management_policy_id('b2bManagementPolicy-id').delete()
```
App Registration
1. Navigate to Azure Portal: Go to App registrations in Microsoft Entra admin center.
2. Add API Permission: Select your app → API permissions → Add a permission → Microsoft Graph.
3. Select Permission Type: Choose Application permissions or Delegated permissions and search for Policy.ReadWrite.B2BManagementPolicy.
4. Grant Admin Consent: Application permissions always require admin consent.
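Once consent has been granted as in the steps above, it is worth reviewing which principals hold this permission. The following is an added example, not code from the original page: it filters exported appRoleAssignment and oAuth2PermissionGrant objects for the application permission ID and the delegated scope name listed here. The sample records, the Graph service principal object ID and the function name are constructed for illustration.

```python
PERMISSION_NAME = "Policy.ReadWrite.B2BManagementPolicy"
APP_ROLE_ID = "886bd2d9-5b8b-4b49-adea-ca75fb50d9ef"  # application permission ID from this page

def find_holders(app_role_assignments, oauth2_grants, graph_sp_id):
    """Return (application_holders, delegated_holders) of the permission.

    app_role_assignments: appRoleAssignment objects (application permissions).
    oauth2_grants: oAuth2PermissionGrant objects (delegated permissions).
    graph_sp_id: object ID of the Microsoft Graph service principal in the tenant.
    """
    app_holders = [
        {"principalId": a["principalId"], "name": a.get("principalDisplayName")}
        for a in app_role_assignments
        if a.get("resourceId") == graph_sp_id
        and a.get("appRoleId", "").lower() == APP_ROLE_ID  # GUID case can vary
    ]
    delegated = []
    for g in oauth2_grants:
        if g.get("resourceId") != graph_sp_id:
            continue
        # Delegated grants store scope names, space-separated; match whole tokens.
        scopes = {s.lower() for s in (g.get("scope") or "").split()}
        if PERMISSION_NAME.lower() in scopes:
            delegated.append({
                "clientId": g["clientId"],
                "tenantWide": g.get("consentType") == "AllPrincipals",
                "principalId": g.get("principalId"),
            })
    return app_holders, delegated

# Constructed sample data, not taken from a real tenant.
GRAPH_SP = "11111111-1111-1111-1111-111111111111"
SAMPLE_ASSIGNMENTS = [
    {"principalId": "aaaa", "principalDisplayName": "invite-sync-job",
     "resourceId": GRAPH_SP, "appRoleId": "886BD2D9-5B8B-4B49-ADEA-CA75FB50D9EF"},
    {"principalId": "bbbb", "principalDisplayName": "reporting-app",
     "resourceId": GRAPH_SP, "appRoleId": "00000000-0000-0000-0000-000000000001"},
]
SAMPLE_GRANTS = [
    {"clientId": "cccc", "consentType": "AllPrincipals", "principalId": None,
     "resourceId": GRAPH_SP, "scope": "User.Read Policy.ReadWrite.B2BManagementPolicy"},
    {"clientId": "dddd", "consentType": "Principal", "principalId": "eeee",
     "resourceId": GRAPH_SP, "scope": " openid profile"},
]

if __name__ == "__main__":
    print(find_holders(SAMPLE_ASSIGNMENTS, SAMPLE_GRANTS, GRAPH_SP))
```

Application holders can change B2BManagement policies without a signed-in user, so each entry in the first list should map to a known, owned workload.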